Skip to content

ML-DSA Pure Cert Support#251

Open
stenslae wants to merge 2 commits into
wolfSSL:mainfrom
stenslae:ml-dsa-cert
Open

ML-DSA Pure Cert Support#251
stenslae wants to merge 2 commits into
wolfSSL:mainfrom
stenslae:ml-dsa-cert

Conversation

@stenslae

@stenslae stenslae commented Jun 16, 2026

Copy link
Copy Markdown
Member
  • Self-signed certificate (CA) and CSR generation
  • CA-based certificate signing
  • Certificate verification
  • Includes updated documentation and test coverage for ML-DSA workflows

Notes:

  • X.509 extensions are currently not fully supported for ML-DSA
  • wolfssl-x509(1) -text cannot fully decode ML-DSA SubjectPublicKey

@wolfSSL-Fenrir-bot wolfSSL-Fenrir-bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fenrir Automated Review — PR #251

Scan targets checked: wolfclu-bugs, wolfclu-src

Findings: 2
2 finding(s) posted as inline comments (see file-level comments below)

This review was generated automatically by Fenrir. Findings are non-blocking.

Comment thread src/x509/clu_mldsa.c Outdated
Comment thread src/sign-verify/clu_x509_verify.c Outdated
Comment thread src/sign-verify/clu_x509_verify.c Outdated
@stenslae stenslae force-pushed the ml-dsa-cert branch 2 times, most recently from 7b1ecb7 to 915636c Compare June 16, 2026 20:12
Comment thread src/x509/clu_mldsa.c Outdated

@wolfSSL-Fenrir-bot wolfSSL-Fenrir-bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fenrir Automated Review — PR #251

Scan targets checked: wolfclu-bugs, wolfclu-src

Findings: 3
3 finding(s) posted as inline comments (see file-level comments below)

This review was generated automatically by Fenrir. Findings are non-blocking.

Comment thread src/x509/clu_mldsa.c
Comment thread src/x509/clu_mldsa.c
Comment thread src/x509/clu_mldsa.c Outdated
Comment thread src/x509/clu_mldsa.c
Comment thread src/x509/clu_mldsa.c Outdated
Comment thread src/x509/clu_mldsa.c

@wolfSSL-Fenrir-bot wolfSSL-Fenrir-bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fenrir Automated Review — PR #251

Scan targets checked: wolfclu-bugs, wolfclu-src

Findings: 2
2 finding(s) posted as inline comments (see file-level comments below)

This review was generated automatically by Fenrir. Findings are non-blocking.

Comment thread src/x509/clu_mldsa.c Outdated
Comment thread src/sign-verify/clu_x509_verify.c Outdated
Comment thread src/x509/clu_mldsa.c Outdated
Comment thread src/sign-verify/clu_x509_verify.c Outdated

@wolfSSL-Fenrir-bot wolfSSL-Fenrir-bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fenrir Automated Review — PR #251

Scan targets checked: wolfclu-bugs, wolfclu-src

Findings: 2
2 finding(s) posted as inline comments (see file-level comments below)

This review was generated automatically by Fenrir. Findings are non-blocking.

Comment thread src/sign-verify/clu_x509_verify.c Outdated
Comment thread src/x509/clu_mldsa.c Outdated
Comment thread src/sign-verify/clu_x509_verify.c Outdated
Comment thread src/x509/clu_mldsa.c Outdated

@wolfSSL-Fenrir-bot wolfSSL-Fenrir-bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fenrir Automated Review — PR #251

Scan targets checked: wolfclu-bugs, wolfclu-src

No new issues found in the changed files. ✅

@wolfSSL-Fenrir-bot wolfSSL-Fenrir-bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fenrir Automated Review — PR #251

Scan targets checked: wolfclu-bugs, wolfclu-src

Findings: 2
2 finding(s) posted as inline comments (see file-level comments below)

This review was generated automatically by Fenrir. Findings are non-blocking.

Comment thread src/x509/clu_mldsa.c
Comment thread src/x509/clu_request_setup.c
Comment thread src/x509/clu_mldsa.c
Comment thread src/x509/clu_request_setup.c

@wolfSSL-Fenrir-bot wolfSSL-Fenrir-bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fenrir Automated Review — PR #251

Scan targets checked: wolfclu-src
Failed targets: wolfclu-bugs

⚠️ Review incomplete — one or more scan targets failed before findings could be produced. See the Fenrir PR review detail page for logs.

@wolfSSL-Fenrir-bot wolfSSL-Fenrir-bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fenrir Automated Review — PR #251

Scan targets checked: wolfclu-bugs, wolfclu-src

Findings: 1
1 finding(s) posted as inline comments (see file-level comments below)

This review was generated automatically by Fenrir. Findings are non-blocking.

Comment thread src/genkey/clu_genkey.c
Comment thread src/genkey/clu_genkey.c

@wolfSSL-Fenrir-bot wolfSSL-Fenrir-bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fenrir Automated Review — PR #251

Scan targets checked: wolfclu-bugs, wolfclu-src

No new issues found in the changed files. ✅

@stenslae stenslae requested a review from cconlon June 30, 2026 15:17
@dgarske dgarske assigned wolfSSL-Bot and philljj and unassigned cconlon and stenslae Jul 7, 2026
@dgarske dgarske requested a review from philljj July 7, 2026 21:40
@philljj philljj requested a review from Copilot July 9, 2026 17:12

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 33 out of 33 changed files in this pull request and generated 2 comments.

Comment thread src/x509/clu_x509_sign.c
Comment thread src/sign-verify/clu_x509_verify.c

@philljj philljj left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

First pass.

Comment thread src/genkey/clu_genkey.c
int pemBufSz = 0;
int outBufSz = 0;

#ifdef WOLFSSL_SMALL_STACK

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is it ok to remove the WOLFSSL_SMALL_STACK code here?

@stenslae stenslae Jul 9, 2026

Copy link
Copy Markdown
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That was intentional, I opted to always heap-allocate the MLDSA key material due to size. Let me know if there's a better route to go for those.

Comment thread wolfclu/x509/clu_mldsa.h
@@ -0,0 +1,65 @@
/* clu_mldsa.h
*
* Copyright (C) 2006-2025 wolfSSL Inc.

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

copyright year 2026

Comment thread README.md
iky6IRTUzkBy1fssv3Gr/jOsyN8J565NST3RpQ==
-----END CERTIFICATE-----
```
A self-signed certificate can also be generated with post-quantum ML-DSA (FIPS 204) key. `ml-dsa` and `dilithium` are interchangeable command aliases, and the level (`2`/`3`/`5`) selects ML-DSA-44/65/87. This needs wolfSSL built with `--enable-dilithium --enable-experimental`.

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We will need to update enable-dilithium to enable-mldsa, but that can be in a separate PR.

Comment thread src/x509/clu_mldsa.c
@@ -0,0 +1,1890 @@
/* clu_mldsa.c
*
* Copyright (C) 2006-2025 wolfSSL Inc.

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

copyright 2026

Comment thread src/x509/clu_x509_sign.c
if (ret == NULL) {
/* every error path above sets conf=NULL after
* calling wolfCLU_CertSignFree */
wolfSSL_NCONF_free(conf);

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It looks like wolfCLU_CertSignFree(ret) is called on every error, and it does

        if (csign->config != NULL) {                                            
            wolfSSL_NCONF_free(csign->config);                                  
            csign->config = NULL;                                               
        }

So this code should not be calling wolfSSL_NCONF_free(conf); at all here? Or it could risk a double free.

Copy link
Copy Markdown
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, that call was redundant. I removed it at the bottom.

}

#ifdef WOLFCLU_MLDSA_CERTGEN
if (ret == WOLFCLU_SUCCESS && !isMLDSA &&

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why is this guarded by !isMLDSA if this codeblock is for ML-DSA?

Copy link
Copy Markdown
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The isMLDSA flag indicates that an existing ML-DSA key was passed in via the -key argument. The block is guarded with !isMLDSA so that if the user provides an existing key, a new key doesn't get generated.

rngInited = 1;
}

/* Pick a random temp file path for throwaway key. */

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why would there be temp files and temp keys for certificate generation?

Copy link
Copy Markdown
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

-newkey ml-dsa was writing the freshly generated key to a randomly-named temp file on disk just so it could immediately be read back into an MlDsaKey, then deleted, but it was easier to do in in memory, so I updated that

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

preferably we shouldn't write key material to disk other than what the user requested. Even tmp files can have nasty surprises for sensitive material. E.g. the OS could unlink the file, but not actually zero the sensitive data.

Copy link
Copy Markdown
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good point, I'm working on updating that and will get it in on Monday. There were also a few other gaps in this pr.

#include <wolfclu/pkey/clu_pkey.h>
#include <wolfclu/certgen/clu_certgen.h>

#ifndef WOLFCLU_NO_FILESYSTEM

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Was this filesystem block necessary because you need to do file operations here and can't rely on wolfSSL wolfSSL_PEM_read_bio_PrivateKey (which doesn't support ML-DSA)?

There are probably other wolfssl or wolfcrypt functions we can use to avoid the need for file ops here.

Copy link
Copy Markdown
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No, it was needed to support the above file operations.

@philljj philljj assigned stenslae and unassigned wolfSSL-Bot Jul 9, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

6 participants