Skip to content

Commit c01eca5

Browse files
dgarskedgarske
authored
Merge pull request #10206 from Frauschi/mlkem-dynamic-key-2
Store the size of the allocated private key buffer for ML-KEM
2 parents 9176185 + 17ba0c2 commit c01eca5

2 files changed

Lines changed: 14 additions & 8 deletions

File tree

wolfcrypt/src/wc_mlkem.c

Lines changed: 10 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -232,16 +232,18 @@ static int mlkemkey_get_k(const MlKemKey* key)
232232
*/
233233
static int mlkemkey_alloc_priv(MlKemKey* key, unsigned int k)
234234
{
235+
word32 sz = (word32)(k * MLKEM_N * sizeof(sword16));
235236
if (key->priv != NULL) {
236-
ForceZero(key->priv, k * MLKEM_N * sizeof(sword16));
237+
ForceZero(key->priv, key->privAllocSz);
237238
XFREE(key->priv, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
238239
key->priv = NULL;
240+
key->privAllocSz = 0;
239241
}
240-
key->priv = (sword16*)XMALLOC(k * MLKEM_N * sizeof(sword16), key->heap,
241-
DYNAMIC_TYPE_TMP_BUFFER);
242+
key->priv = (sword16*)XMALLOC(sz, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
242243
if (key->priv == NULL) {
243244
return MEMORY_E;
244245
}
246+
key->privAllocSz = sz;
245247
return 0;
246248
}
247249

@@ -434,6 +436,7 @@ int wc_MlKemKey_Init(MlKemKey* key, int type, void* heap, int devId)
434436
#ifdef WOLFSSL_MLKEM_DYNAMIC_KEYS
435437
key->priv = NULL;
436438
key->pub = NULL;
439+
key->privAllocSz = 0;
437440
#ifdef WOLFSSL_MLKEM_CACHE_A
438441
key->a = NULL;
439442
#endif
@@ -539,11 +542,10 @@ int wc_MlKemKey_Free(MlKemKey* key)
539542
ForceZero(&key->prf, sizeof(key->prf));
540543
#ifdef WOLFSSL_MLKEM_DYNAMIC_KEYS
541544
if (key->priv != NULL) {
542-
int k = mlkemkey_get_k(key);
543-
ForceZero(key->priv,
544-
(word32)(k * MLKEM_N) * (word32)sizeof(sword16));
545+
ForceZero(key->priv, key->privAllocSz);
545546
XFREE(key->priv, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
546547
key->priv = NULL;
548+
key->privAllocSz = 0;
547549
}
548550
if (key->pub != NULL) {
549551
XFREE(key->pub, key->heap, DYNAMIC_TYPE_TMP_BUFFER);
@@ -2015,15 +2017,15 @@ int wc_MlKemKey_DecodePrivateKey(MlKemKey* key, const unsigned char* in,
20152017
/* Compute the hash of the public key. */
20162018
ret = MLKEM_HASH_H(&key->hash, p, pubLen, key->h);
20172019
if (ret != 0) {
2018-
ForceZero(key->priv, k * MLKEM_N);
2020+
ForceZero(key->priv, k * MLKEM_N * sizeof(sword16));
20192021
}
20202022
}
20212023

20222024
if (ret == 0) {
20232025
p += pubLen;
20242026
/* Compare computed public key hash with stored hash */
20252027
if (XMEMCMP(key->h, p, WC_ML_KEM_SYM_SZ) != 0) {
2026-
ForceZero(key->priv, k * MLKEM_N);
2028+
ForceZero(key->priv, k * MLKEM_N * sizeof(sword16));
20272029
ret = MLKEM_PUB_HASH_E;
20282030
}
20292031
}

wolfssl/wolfcrypt/wc_mlkem.h

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -104,6 +104,10 @@ enum {
104104
struct MlKemKey {
105105
/* Type of key: WC_ML_KEM_512, WC_ML_KEM_768, WC_ML_KEM_1024 */
106106
int type;
107+
#ifdef WOLFSSL_MLKEM_DYNAMIC_KEYS
108+
/* Allocated size of priv buffer in bytes. */
109+
word32 privAllocSz;
110+
#endif
107111
/* Dynamic memory allocation hint. */
108112
void* heap;
109113
#if defined(WOLF_CRYPTO_CB)

0 commit comments

Comments
 (0)