• Registered: 2024-09-29
  • Posts: 17

Topic: How to use Dilithium?

I am trying Dilithium with wolfssl on Zephyr.

I added

#define HAVE_DILITHIUM

which results in errors.
E.g.:

  • 'DILITHIUM_LEVEL5_PUB_KEY_SIZE' undeclared here (not in a function); did you mean 'DILITHIUM_MAX_PUB_KEY_SIZE'?

  • C:/ncs/v3.1.0/modules/crypto/wolfssl/src/ssl.c:6029:21: error: 'ML_DSA_LEVEL2_KEY_SIZE' undeclared (first use in this function); did you mean 'ML_DSA_LEVEL2_TYPE'?
    6029 |   ML_DSA_LEVEL2_KEY_SIZE < (word16)cm->minDilithiumKeySz)

and plenty of there errors related to: DILITHIUM_LEVEL5_PUB_KEY_SIZE, DILITHIUM_LEVEL5_KEY_SIZE, DILITHIUM_LEVEL5_SIG_SIZE
ML_DSA_LEVEL{2,3,5}_KEY_SIZE

Do I need to add extra includes?

Share

  • From: Mobile, AL
  • Registered: 2013-12-11
  • Posts: 375

Re: How to use Dilithium?

Please try adding a define for `WOLFSSL_WC_DILITHIUM`

embhorn's Website

Share

  • Registered: 2024-09-29
  • Posts: 17

Re: How to use Dilithium?

Thanks, that worked.
I have created a dilithium key pair with wolfclu.

wolfssl -genkey dilithium -level 2 -out dilithium_key -outform der -output keypair

Now how do I create and self sign a x.509 certificate with Dilithium?
I tried various commands, such as 

wolfssl -req -new -key dilithium_key.priv -keyform der -out dilithium_req.pem -outform pem

but getting ASN no Header errors, etc.

Share

  • From: Mobile, AL
  • Registered: 2013-12-11
  • Posts: 375

Re: How to use Dilithium?

I'll need to confirm that wolfCLU can handle generating certs with PQC keys

embhorn's Website

Share

  • From: Mobile, AL
  • Registered: 2013-12-11
  • Posts: 375

Re: How to use Dilithium?

Hi Sunny,

Cert creation form Dilthium keys is not currently supported in wolfCLU. We are working on some PQC cert functionality in wolfCLU. If you'd like to get this specific functionality developed, please send an email to support@wolfssl.com to make a formal feature request.

Thanks,
Eric

embhorn's Website

Share