wolfssl: Update ML-KEM API for wolfSSL 5.8.0 release

author Tobias Brunner <tobias@strongswan.org>

Fri, 25 Apr 2025 06:26:24 +0000 (08:26 +0200)

committer Tobias Brunner <tobias@strongswan.org>

Tue, 13 May 2025 15:14:54 +0000 (17:14 +0200)
author Tobias Brunner <tobias@strongswan.org>
Fri, 25 Apr 2025 06:26:24 +0000 (08:26 +0200)
committer Tobias Brunner <tobias@strongswan.org>
Tue, 13 May 2025 15:14:54 +0000 (17:14 +0200)
diff --git a/src/libstrongswan/plugins/wolfssl/wolfssl_kem.c b/src/libstrongswan/plugins/wolfssl/wolfssl_kem.c

index 91b9db2cbd2591622bd16cd1a54db8e7c26c30cd..aff7e56bd11fd4c2f7bf613441f7ddd6c57b1389 100644 (file)
--- a/src/libstrongswan/plugins/wolfssl/wolfssl_kem.c
+++ b/src/libstrongswan/plugins/wolfssl/wolfssl_kem.c
@@ -1,5 +1,5 @@
  /*
- * Copyright (C) 2024 Tobias Brunner, codelabs GmbH
+ * Copyright (C) 2024-2025 Tobias Brunner, codelabs GmbH
   *
   * Permission is hereby granted, free of charge, to any person obtaining a copy
   * of this software and associated documentation files (the "Software"), to deal
@@ -23,14 +23,11 @@
  
  #include "wolfssl_common.h"
  
-#ifdef WOLFSSL_HAVE_KYBER
+#ifdef WOLFSSL_HAVE_MLKEM
  
-#include <wolfssl/wolfcrypt/kyber.h>
-#ifdef WOLFSSL_WC_KYBER
-#include <wolfssl/wolfcrypt/wc_kyber.h>
-#endif
-#if defined(HAVE_LIBOQS)
-#include <wolfssl/wolfcrypt/ext_kyber.h>
+#include <wolfssl/wolfcrypt/mlkem.h>
+#ifdef WOLFSSL_WC_MLKEM
+#include <wolfssl/wolfcrypt/wc_mlkem.h>
  #endif
  
  typedef struct private_key_exchange_t private_key_exchange_t;
@@ -172,9 +169,7 @@ static bool decaps_ciphertext(private_key_exchange_t *this, chunk_t ciphertext)
         }
         this->shared_secret = chunk_alloc(ss_len);
  
-       /* FIXME: can't use the wc_MlKemKey alias here as it's incorrectly mapped
-        * to wc_KyberKey_Encapsulate */
-       if (wc_KyberKey_Decapsulate(this->kem, this->shared_secret.ptr,
+       if (wc_MlKemKey_Decapsulate(this->kem, this->shared_secret.ptr,
                                                                 ciphertext.ptr, ciphertext.len) != 0)
         {
                 DBG1(DBG_LIB, "%N decapsulation failed",
@@ -291,17 +286,17 @@ key_exchange_t *wolfssl_kem_create(key_exchange_method_t method)
  
         switch (method)
         {
-#ifdef WOLFSSL_KYBER512
+#ifdef WOLFSSL_WC_ML_KEM_512
                 case ML_KEM_512:
                         type = WC_ML_KEM_512;
                         break;
  #endif
-#ifdef WOLFSSL_KYBER768
+#ifdef WOLFSSL_WC_ML_KEM_768
                 case ML_KEM_768:
                         type = WC_ML_KEM_768;
                         break;
  #endif
-#ifdef WOLFSSL_KYBER1024
+#ifdef WOLFSSL_WC_ML_KEM_1024
                 case ML_KEM_1024:
                         type = WC_ML_KEM_1024;
                         break;
@@ -329,4 +324,4 @@ key_exchange_t *wolfssl_kem_create(key_exchange_method_t method)
         return &this->public;
  }
  
-#endif /* WOLFSSL_HAVE_KYBER */
+#endif /* WOLFSSL_HAVE_MLKEM */
diff --git a/src/libstrongswan/plugins/wolfssl/wolfssl_plugin.c b/src/libstrongswan/plugins/wolfssl/wolfssl_plugin.c

index c31b652d4ad2216d4f5762a8e6160834ba352950..49f172aa443beaa0a70ef15c6bf9b56d6ae8a3ae 100644 (file)
--- a/src/libstrongswan/plugins/wolfssl/wolfssl_plugin.c
+++ b/src/libstrongswan/plugins/wolfssl/wolfssl_plugin.c
@@ -461,7 +461,7 @@ METHOD(plugin_t, get_features, int,
                 #endif
         #endif /* HAVE_ECC_VERIFY */
  #endif /* HAVE_ECC */
-#ifdef WOLFSSL_HAVE_KYBER
+#ifdef WOLFSSL_HAVE_MLKEM
                 PLUGIN_REGISTER(KE, wolfssl_kem_create),
                         PLUGIN_PROVIDE(KE, ML_KEM_512),
                         PLUGIN_PROVIDE(KE, ML_KEM_768),
author	Tobias Brunner <tobias@strongswan.org>
	Fri, 25 Apr 2025 06:26:24 +0000 (08:26 +0200)
committer	Tobias Brunner <tobias@strongswan.org>
	Tue, 13 May 2025 15:14:54 +0000 (17:14 +0200)
src/libstrongswan/plugins/wolfssl/wolfssl_kem.c		patch \| blob \| blame \| history
src/libstrongswan/plugins/wolfssl/wolfssl_plugin.c		patch \| blob \| blame \| history