Skip to content

Add ML-KEM support #175

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
Frauschi wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Add ML-KEM support #175

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
526ced1
Add ML-KEM (FIPS 203) post-quantum KEM support
Frauschi Mar 24, 2026
411a317
Fix ML-DSA context buffer: replace heap pointer with fixed-size array
Frauschi Mar 25, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/workflows/clang-tidy.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -43,7 +43,7 @@ jobs:
- name: "NSS+TPM Build"
configure_flags: "--enable-nss --enable-tpm"
- name: "PKCS#11 V3.2 PQC Build"
configure_flags: "--enable-pkcs11v32 --enable-mldsa"
configure_flags: "--enable-pkcs11v32 --enable-mldsa --enable-mlkem"

steps:
# Checkout wolfPKCS11
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/cmake.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -62,7 +62,7 @@ jobs:
-DWOLFPKCS11_AESKEYWRAP:BOOL=yes -DWOLFPKCS11_AESCTR:BOOL=yes -DWOLFPKCS11_AESCCM:BOOL=yes \
-DWOLFPKCS11_AESECB:BOOL=yes -DWOLFPKCS11_AESCTS:BOOL=yes -DWOLFPKCS11_AESCMAC:BOOL=yes \
-DWOLFPKCS11_PBKDF2:BOOL=yes -DWOLFPKCS11_SHA3:BOOL=yes -DWOLFPKCS11_PKCS11_V3_0:BOOL=yes \
-DWOLFPKCS11_PKCS11_V3_2:BOOL=yes -DWOLFPKCS11_MLDSA:BOOL=yes \
-DWOLFPKCS11_PKCS11_V3_2:BOOL=yes -DWOLFPKCS11_MLDSA:BOOL=yes -DWOLFPKCS11_MLKEM:BOOL=yes \
-DCMAKE_MODULE_PATH="$GITHUB_WORKSPACE/install/${CMAKE_INSTALL_LIBDIR}" \
..
cmake --build .
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/sanitizer-tests.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ jobs:
- name: "NSS+TPM Build"
configure_flags: "--enable-nss --enable-tpm"
- name: "PKCS#11 V3.2 PQC Build"
configure_flags: "--enable-pkcs11v32 --enable-mldsa"
configure_flags: "--enable-pkcs11v32 --enable-mldsa --enable-mlkem"

steps:
#pull wolfPKCS11
Expand Down
4 changes: 4 additions & 0 deletions .github/workflows/unit-test.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -106,6 +106,10 @@ jobs:
uses: ./.github/workflows/build-workflow.yml
with:
config: --enable-mldsa
mlkem:
uses: ./.github/workflows/build-workflow.yml
with:
config: --enable-mlkem
debug:
uses: ./.github/workflows/build-workflow.yml
with:
Expand Down
5 changes: 5 additions & 0 deletions .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,9 @@ tests/rsa_session_persistence_test
tests/debug_test
tests/token_path_test
tests/pkcs11v3test
tests/aes_cbc_pad_padding_test
tests/ecb_check_value_error_test
tests/find_objects_null_template_test
examples/add_aes_key
examples/add_hmac_key
examples/add_rsa_key
Expand All @@ -54,8 +57,10 @@ examples/obj_list
examples/slot_info
examples/token_info
store/wp11*
store/cbc_pad_padding_test
store/debug
store/empty_pin_test
store/find_null_test
store/object
store/pkcs11mtt
store/pkcs11test
Expand Down
32 changes: 31 additions & 1 deletion CMakeLists.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -474,12 +474,42 @@ endif()

if(WOLFPKCS11_MLDSA)
if(NOT WOLFPKCS11_PKCS11_V3_2)
message(FATAL_ERROR "ML-DSA requires PKCS#11 Version 3.2 support (enable WOLFPKCS11_PKCS11_V3_2)")
message(STATUS "ML-DSA requires PKCS#11 v3.2 support — enabling WOLFPKCS11_PKCS11_V3_2 automatically")
override_cache(WOLFPKCS11_PKCS11_V3_2 "yes")
if(NOT WOLFPKCS11_PKCS11_V3_0)
override_cache(WOLFPKCS11_PKCS11_V3_0 "yes")
list(APPEND WOLFPKCS11_DEFINITIONS "-DWOLFPKCS11_PKCS11_V3_0")
endif()
list(APPEND WOLFPKCS11_DEFINITIONS "-DWOLFPKCS11_PKCS11_V3_2")
endif()
list(APPEND WOLFPKCS11_DEFINITIONS "-DWOLFPKCS11_MLDSA")
endif()


# ML-KEM
add_option("WOLFPKCS11_MLKEM"
"Enable wolfPKCS11 ML-KEM support (default: disabled)"
"no" "yes;no"
)

if(NOT WOLFPKCS11_SHA3)
override_cache(WOLFPKCS11_MLKEM "no")
endif()

if(WOLFPKCS11_MLKEM)
if(NOT WOLFPKCS11_PKCS11_V3_2)
message(STATUS "ML-KEM requires PKCS#11 v3.2 support — enabling WOLFPKCS11_PKCS11_V3_2 automatically")
override_cache(WOLFPKCS11_PKCS11_V3_2 "yes")
if(NOT WOLFPKCS11_PKCS11_V3_0)
override_cache(WOLFPKCS11_PKCS11_V3_0 "yes")
list(APPEND WOLFPKCS11_DEFINITIONS "-DWOLFPKCS11_PKCS11_V3_0")
endif()
list(APPEND WOLFPKCS11_DEFINITIONS "-DWOLFPKCS11_PKCS11_V3_2")
endif()
list(APPEND WOLFPKCS11_DEFINITIONS "-DWOLFPKCS11_MLKEM")
endif()


# If wolfpkcs11/options.h exists, delete it to avoid
# a mixup with build/wolfpkcs11/options.h.
if (EXISTS "${CMAKE_CURRENT_SOURCE_DIR}/wolfpkcs11/options.h")
Expand Down
13 changes: 12 additions & 1 deletion README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -64,6 +64,16 @@ As ML-DSA is a feature of PKCS#11 version 3.2, support for that is required,
too. Hence, to enable all in wolfPKCS11, add `--enable-pkcs11v32 --enable-mldsa`
during the configure step.

### Optional: PQC ML-KEM Support

To have ML-KEM support in wolfPKCS11, configure wolfSSL with ML-KEM (FIPS 203)
support enabled, either by adding `--enable-mlkem` to `./configure` or by
setting `WOLFPKCS11_MLKEM` to `yes` in CMake.

As ML-KEM is a feature of PKCS#11 version 3.2, support for that is required,
too. Hence, to enable all in wolfPKCS11, add `--enable-pkcs11v32 --enable-mlkem`
during the configure step.

### Build options and defines

#### Define WOLFPKCS11_TPM_STORE
Expand Down Expand Up @@ -207,7 +217,8 @@ cmake -DCMAKE_PREFIX_PATH=/path/to/wolfssl/install ..
| `WOLFPKCS11_NSS` | `no` | NSS-specific modifications |
| `WOLFPKCS11_PKCS11_V3_0` | `yes` | PKCS#11 v3.0 support |
| `WOLFPKCS11_PKCS11_V3_2` | `no` | PKCS#11 v3.2 support |
| `WOLFPKCS11_MLDSA` | `no`| ML-DSA support |
| `WOLFPKCS11_MLDSA` | `no` | ML-DSA support |
| `WOLFPKCS11_MLKEM` | `no` | ML-KEM support |
| `WOLFPKCS11_EXAMPLES` | `yes` | Build examples |
| `WOLFPKCS11_TESTS` | `yes` | Build and register tests |
| `WOLFPKCS11_COVERAGE` | `no` | Code coverage support |
Expand Down
2 changes: 2 additions & 0 deletions cmake/options.h.in
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -94,6 +94,8 @@ extern "C" {
#cmakedefine WOLFSSL_SHA3
#undef WOLFPKCS11_MLDSA
#cmakedefine WOLFPKCS11_MLDSA
#undef WOLFPKCS11_MLKEM
#cmakedefine WOLFPKCS11_MLKEM
#undef WOLFPKCS11_TPM
#cmakedefine WOLFPKCS11_TPM
#undef WOLFPKCS11_NSS
Expand Down
22 changes: 22 additions & 0 deletions configure.ac
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -537,6 +537,27 @@ then
AM_CFLAGS="$AM_CFLAGS -DWOLFPKCS11_MLDSA"
fi

AC_ARG_ENABLE([mlkem],
[AS_HELP_STRING([--enable-mlkem],[Enable ML-KEM (default: disabled)])],
[ ENABLED_MLKEM=$enableval ],
[ ENABLED_MLKEM=no ]
)

if test "$ENABLED_SHA3" = "no"
then
echo "ML-KEM requires SHA-3 support (disabled), disabling ML-KEM"
ENABLED_MLKEM=no
fi

if test "$ENABLED_MLKEM" = "yes"
then
if test "$ENABLED_PKCS11V3_2" = "no"; then
Copy link
Copy Markdown
Collaborator

@dgarske dgarske Apr 8, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

When --enable-mlkem auto-enables WOLFPKCS11_PKCS11_V3_2, the configure.ac code at lines 554-556 sets ENABLED_PKCS11V3_2=yes and adds -DWOLFPKCS11_PKCS11_V3_2, but does not ensure -DWOLFPKCS11_PKCS11_V3_0 is also added. In contrast, the CMake equivalent at lines 503-505 explicitly checks and adds V3_0.

In practice, V3_0 defaults to yes (line 498), so the flag is normally already present. However, in the edge case ./configure --disable-pkcs11v30 --enable-mlkem, V3_2 and ML-KEM defines would be added but V3_0 would be absent. This is the same pattern as the pre-existing ML-DSA block (line 533), but the CMake version of this diff fixed it, creating an inconsistency between the two build systems.

Recommendation: Add V3_0 auto-enable logic to match the CMake behavior:

if test "$ENABLED_MLKEM" = "yes"
then
    if test "$ENABLED_PKCS11V3_2" = "no"; then
        ENABLED_PKCS11V3_2=yes
        AM_CFLAGS="$AM_CFLAGS -DWOLFPKCS11_PKCS11_V3_2"
        if test "$ENABLED_PKCS11V3_0" = "no"; then
            ENABLED_PKCS11V3_0=yes
            AM_CFLAGS="$AM_CFLAGS -DWOLFPKCS11_PKCS11_V3_0"
        fi
    fi
    AM_CFLAGS="$AM_CFLAGS -DWOLFPKCS11_MLKEM"
fi

ENABLED_PKCS11V3_2=yes
AM_CFLAGS="$AM_CFLAGS -DWOLFPKCS11_PKCS11_V3_2"
fi
AM_CFLAGS="$AM_CFLAGS -DWOLFPKCS11_MLKEM"
fi


AM_CONDITIONAL([BUILD_STATIC],[test "x$enable_shared" = "xno"])

Expand Down Expand Up @@ -725,6 +746,7 @@ echo " * DH: $ENABLED_DH"
echo " * ECC: $ENABLED_ECC"
echo " * HKDF: $ENABLED_HKDF"
echo " * ML-DSA: $ENABLED_MLDSA"
echo " * ML-KEM: $ENABLED_MLKEM"
echo " * NSS modifications: $ENABLED_NSS"
echo " * Default token path: $WOLFPKCS11_DEFAULT_TOKEN_PATH"
echo " * PKCS#11 Version 3.0: $ENABLED_PKCS11V3_0"
Expand Down
Loading
Loading