fwTPM v185: Fix autodetect

Author: aidangarske

configure.ac

@@ -713,14 +713,24 @@ else
     if test "x$ENABLED_FWTPM" = "xyes" && \
        test "x$ENABLED_WOLFCRYPT" = "xyes"
     then
-        AC_CHECK_HEADER([wolfssl/wolfcrypt/dilithium.h],
-            [WOLFTPM_HAVE_DILITHIUM_H=yes],
-            [WOLFTPM_HAVE_DILITHIUM_H=no])
-        AC_CHECK_HEADER([wolfssl/wolfcrypt/mlkem.h],
-            [WOLFTPM_HAVE_MLKEM_H=yes],
-            [WOLFTPM_HAVE_MLKEM_H=no])
-        if test "x$WOLFTPM_HAVE_DILITHIUM_H" = "xyes" && \
-           test "x$WOLFTPM_HAVE_MLKEM_H" = "xyes"
+        # Probe the actual symbols, not just the headers. wolfSSL ships
+        # dilithium.h / mlkem.h even without the implementation compiled
+        # (function decls are gated behind HAVE_DILITHIUM / HAVE_MLKEM
+        # which only get defined via wolfssl/options.h after the right
+        # --enable-* flags). Include options.h first so the gate is set
+        # before the header decls are parsed.
+        AC_CHECK_DECL([wc_dilithium_init],
+            [WOLFTPM_HAVE_DILITHIUM_FN=yes],
+            [WOLFTPM_HAVE_DILITHIUM_FN=no],
+            [[#include <wolfssl/options.h>
+              #include <wolfssl/wolfcrypt/dilithium.h>]])
+        AC_CHECK_DECL([wc_MlKemKey_Init],
+            [WOLFTPM_HAVE_MLKEM_FN=yes],
+            [WOLFTPM_HAVE_MLKEM_FN=no],
+            [[#include <wolfssl/options.h>
+              #include <wolfssl/wolfcrypt/mlkem.h>]])
+        if test "x$WOLFTPM_HAVE_DILITHIUM_FN" = "xyes" && \
+           test "x$WOLFTPM_HAVE_MLKEM_FN" = "xyes"
         then
             AC_MSG_NOTICE([wolfCrypt ML-DSA + ML-KEM detected; auto-enabling --enable-v185 (use --disable-v185 or --disable-pqc to opt out)])
             ENABLED_V185=yes
@@ -734,13 +744,19 @@ fi
 
 if test "x$ENABLED_V185" = "xyes"
 then
-    # When the user opted in explicitly we have not probed yet; verify the
-    # wolfSSL PQC headers are present so the build fails at configure time
-    # rather than deep inside the compile with a cryptic error.
-    AC_CHECK_HEADER([wolfssl/wolfcrypt/dilithium.h], [],
-        [AC_MSG_ERROR([--enable-v185/--enable-pqc requires wolfSSL built with --enable-dilithium --enable-experimental])])
-    AC_CHECK_HEADER([wolfssl/wolfcrypt/mlkem.h], [],
-        [AC_MSG_ERROR([--enable-v185/--enable-pqc requires wolfSSL built with --enable-mlkem --enable-experimental])])
+    # Explicit opt-in: re-probe so we fail at configure time (with a
+    # clear hint about wolfSSL flags) rather than deep inside the compile
+    # with a cryptic error. Header existence alone is not enough -- the
+    # actual functions must be declared (gated by HAVE_DILITHIUM /
+    # HAVE_MLKEM in wolfssl/options.h).
+    AC_CHECK_DECL([wc_dilithium_init], [],
+        [AC_MSG_ERROR([--enable-v185/--enable-pqc requires wolfSSL built with --enable-dilithium --enable-experimental])],
+        [[#include <wolfssl/options.h>
+          #include <wolfssl/wolfcrypt/dilithium.h>]])
+    AC_CHECK_DECL([wc_MlKemKey_Init], [],
+        [AC_MSG_ERROR([--enable-v185/--enable-pqc requires wolfSSL built with --enable-mlkem --enable-experimental])],
+        [[#include <wolfssl/options.h>
+          #include <wolfssl/wolfcrypt/mlkem.h>]])
     AM_CFLAGS="$AM_CFLAGS -DWOLFTPM_V185"
 fi
 AM_CONDITIONAL([BUILD_V185], [test "x$ENABLED_V185" = "xyes"])

tests/check_doc_constants.sh

@@ -22,9 +22,17 @@ fi
 # Pull every #define FWTPM_<UPPER>_<UPPER>... NUMERIC_LITERAL line.
 # Constants ending in MAX/SIZE/EST/SEED are the ones we care about; pure
 # enum-style symbols (FWTPM_NO_*, FWTPM_*_DECLARE_VAR) don't appear in docs.
+#
+# Exclude internal helpers that aren't user-tunable knobs:
+#   FWTPM_MLDSA_<N>_*  / FWTPM_MLKEM_<N>_*  -- FIPS-spec-immutable
+#       per-parameter-set sizes used as inputs to auto-shrink resolution.
+#   *_RAW                                    -- intermediate computation
+#       steps for auto-shrink (FWTPM_MAX_PUB_BUF_RAW etc.).
 mapfile -t CONSTS < <(
     grep -E '^\s*#\s*define\s+FWTPM_[A-Z0-9_]*(MAX|SIZE|EST|SEED|BYTES|DIGEST)[A-Z0-9_]*\s' "$HEADER" \
         | awk '{print $2}' \
+        | grep -vE '^FWTPM_(MLDSA|MLKEM)_[0-9]+_' \
+        | grep -vE '_RAW$' \
         | sort -u
 )
 

wolftpm/fwtpm/fwtpm.h

@@ -163,33 +163,35 @@
  * All macros remain ifndef-guarded for per-board overrides. See
  * docs/FWTPM.md "v1.85 Embedded RAM Impact" for resolved values per build.
  */
-/* ML-KEM ciphertext / public-key sizes per FIPS 203 Sec.6.4 / Sec.7.4. wolfCrypt's
- * WC_ML_KEM_xxx_SIZE macros expand to non-preprocessor-evaluable expressions
- * (MLKEM_POLY_VEC_SZ() etc.), so we redefine the spec constants here for use
- * in compile-time #if comparisons below. Spec-immutable. */
+/* PQC per-parameter-set sizes (FIPS 203 / FIPS 204, spec-immutable). Defined
+ * locally so size-resolution below works without including wolfCrypt PQC
+ * headers (which may be absent on subset builds). */
+#define FWTPM_MLDSA_44_PUB_SIZE   1312
+#define FWTPM_MLDSA_44_SIG_SIZE   2420
+#define FWTPM_MLDSA_65_PUB_SIZE   1952
+#define FWTPM_MLDSA_65_SIG_SIZE   3309
+#define FWTPM_MLDSA_87_PUB_SIZE   2592
+#define FWTPM_MLDSA_87_SIG_SIZE   4627
 #define FWTPM_MLKEM_512_CT_SIZE    768
 #define FWTPM_MLKEM_512_PUB_SIZE   800
 #define FWTPM_MLKEM_768_CT_SIZE   1088
 #define FWTPM_MLKEM_768_PUB_SIZE  1184
 #define FWTPM_MLKEM_1024_CT_SIZE  1568
 #define FWTPM_MLKEM_1024_PUB_SIZE 1568
 
-/* Resolve the largest ML-DSA / ML-KEM parameter set actually enabled in
- * wolfCrypt, so PQC buffer defaults auto-shrink for deployments that only
- * enable smaller params. Per-param-set sizes use wolfCrypt's own
- * DILITHIUM_LEVEL{2,3,5}_*_SIZE macros (plain integer constants) and
- * the FWTPM_MLKEM_*_SIZE constants above. */
+/* Resolve the largest enabled parameter set for buffer sizing. Driven by
+ * wolfCrypt's WOLFSSL_NO_ML_DSA_44/65/87 and WOLFSSL_NO_KYBER512/768/1024
+ * gates so subset builds (e.g. MLDSA-44 only) don't pay for MLDSA-87. */
 #if defined(WOLFTPM_V185) && !defined(WOLFTPM2_NO_WOLFCRYPT)
-    #include <wolfssl/wolfcrypt/dilithium.h>
     #if !defined(WOLFSSL_NO_ML_DSA_87)
-        #define FWTPM_MAX_MLDSA_SIG_SIZE  DILITHIUM_LEVEL5_SIG_SIZE
-        #define FWTPM_MAX_MLDSA_PUB_SIZE  DILITHIUM_LEVEL5_PUB_KEY_SIZE
+        #define FWTPM_MAX_MLDSA_SIG_SIZE  FWTPM_MLDSA_87_SIG_SIZE
+        #define FWTPM_MAX_MLDSA_PUB_SIZE  FWTPM_MLDSA_87_PUB_SIZE
     #elif !defined(WOLFSSL_NO_ML_DSA_65)
-        #define FWTPM_MAX_MLDSA_SIG_SIZE  DILITHIUM_LEVEL3_SIG_SIZE
-        #define FWTPM_MAX_MLDSA_PUB_SIZE  DILITHIUM_LEVEL3_PUB_KEY_SIZE
+        #define FWTPM_MAX_MLDSA_SIG_SIZE  FWTPM_MLDSA_65_SIG_SIZE
+        #define FWTPM_MAX_MLDSA_PUB_SIZE  FWTPM_MLDSA_65_PUB_SIZE
     #elif !defined(WOLFSSL_NO_ML_DSA_44)
-        #define FWTPM_MAX_MLDSA_SIG_SIZE  DILITHIUM_LEVEL2_SIG_SIZE
-        #define FWTPM_MAX_MLDSA_PUB_SIZE  DILITHIUM_LEVEL2_PUB_KEY_SIZE
+        #define FWTPM_MAX_MLDSA_SIG_SIZE  FWTPM_MLDSA_44_SIG_SIZE
+        #define FWTPM_MAX_MLDSA_PUB_SIZE  FWTPM_MLDSA_44_PUB_SIZE
     #else
         #define FWTPM_MAX_MLDSA_SIG_SIZE  0
         #define FWTPM_MAX_MLDSA_PUB_SIZE  0