Add TPM 2.0 v1.85 PQC (ML-DSA and ML-KEM) and fwTPM PQC Support

.github/workflows/fuzz.yml

@@ -15,14 +15,34 @@ jobs:
       fail-fast: false
       matrix:
         include:
-          # Full fuzz run (weekly/manual) - 10 minutes
+          # Classical (v1.38) full fuzz run (weekly/manual) - 10 minutes
           - name: fuzz-full
             fuzz_time: 600
             smoke_only: false
-          # Quick smoke test (PR) - 60 seconds
+            wolfssl_extra_flags: ""
+            wolftpm_extra_flags: ""
+            max_len: 4096
+          # Classical (v1.38) quick smoke test (PR) - 60 seconds
           - name: fuzz-smoke
             fuzz_time: 60
             smoke_only: true
+            wolfssl_extra_flags: ""
+            wolftpm_extra_flags: ""
+            max_len: 4096
+          # v1.85 PQC full fuzz run (weekly/manual) - 10 minutes
+          - name: fuzz-full-pqc
+            fuzz_time: 600
+            smoke_only: false
+            wolfssl_extra_flags: "--enable-dilithium --enable-mlkem --enable-experimental --enable-harden"
+            wolftpm_extra_flags: "--enable-v185"
+            max_len: 8192
+          # v1.85 PQC quick smoke test (PR) - 60 seconds
+          - name: fuzz-smoke-pqc
+            fuzz_time: 60
+            smoke_only: true
+            wolfssl_extra_flags: "--enable-dilithium --enable-mlkem --enable-experimental --enable-harden"
+            wolftpm_extra_flags: "--enable-v185"
+            max_len: 8192
 
     steps:
       - name: Checkout wolfTPM
@@ -42,6 +62,7 @@ jobs:
         run: |
           ./autogen.sh
           CC=clang ./configure --enable-wolftpm --enable-pkcallbacks --enable-keygen \
+            ${{ matrix.wolfssl_extra_flags }} \
             CFLAGS="-fsanitize=fuzzer-no-link,address -fno-omit-frame-pointer -g -O1 -DWC_RSA_NO_PADDING" \
             LDFLAGS="-fsanitize=address"
           make -j$(nproc)
@@ -52,13 +73,40 @@ jobs:
         run: |
           ./autogen.sh
           CC=clang ./configure --enable-fwtpm --enable-fuzz \
+            ${{ matrix.wolftpm_extra_flags }} \
             CFLAGS="-fsanitize=fuzzer-no-link,address -fno-omit-frame-pointer -g -O1" \
             LDFLAGS="-fsanitize=address"
           make -j$(nproc)
 
       - name: Generate seed corpus
         run: python3 tests/fuzz/gen_corpus.py
 
+      - name: Verify v1.85 PQC opcode coverage in corpus
+        if: contains(matrix.name, 'pqc')
+        run: |
+          # Without this guard, fuzz-*-pqc could spend 10 minutes fuzzing
+          # classical paths with -DWOLFTPM_V185 set and never exercise an
+          # Encapsulate or SignSequenceComplete opcode. Fail fast if any of
+          # the 8 new v1.85 command codes is absent from the seed corpus.
+          # Seeds are binary; opcodes appear as raw 4-byte big-endian
+          # sequences. Hex-dump the concatenated corpus and grep the
+          # resulting hex stream for each opcode's bytes.
+          CORPUS_HEX=$(cat tests/fuzz/corpus/*.bin | xxd -p | tr -d '\n')
+          MISSING=()
+          for cc in 000001a3 000001a4 000001a5 000001a6 \
+                    000001a7 000001a8 000001a9 000001aa; do
+            if ! echo "$CORPUS_HEX" | grep -q "$cc"; then
+              MISSING+=("0x${cc^^}")
+            fi
+          done
+          if [ ${#MISSING[@]} -gt 0 ]; then
+            echo "ERROR: PQC seed corpus missing the following command codes:"
+            printf '  %s\n' "${MISSING[@]}"
+            echo "Update tests/fuzz/gen_corpus.py to emit a seed for each."
+            exit 1
+          fi
+          echo "All 8 v1.85 PQC opcodes (0x1A3-0x1AA) present in seed corpus."
+
       - name: Run fuzzer
         env:
           ASAN_OPTIONS: "detect_leaks=1:abort_on_error=1:symbolize=1"
@@ -68,7 +116,7 @@ jobs:
             ./tests/fuzz/fwtpm_fuzz \
               tests/fuzz/corpus/ \
               -dict=tests/fuzz/tpm2.dict \
-              -max_len=4096 \
+              -max_len=${{ matrix.max_len }} \
               -timeout=30 \
               -rss_limit_mb=2048 \
               -print_final_stats=1 \

.github/workflows/fwtpm-test.yml

@@ -30,6 +30,29 @@ jobs:
             wolfssl_config: --enable-wolftpm --enable-pkcallbacks --enable-keygen
             build_only: false
 
+          # v1.85 PQC: full make check + pqc_mssim_e2e.sh + tpm2-tools
+          # Highest-leverage entry — exercises wrapper unit tests
+          # (tests/unit_tests.c v1.85 cases) + handler unit tests
+          # (tests/fwtpm_unit_tests.c v1.85 cases) + the new mssim E2E
+          # harness against fwtpm_server in one shot. --enable-swtpm omitted
+          # because configure.ac:287 enables it by default on Linux.
+          - name: fwtpm-v185
+            os: ubuntu-latest
+            wolftpm_config: --enable-fwtpm --enable-v185
+            wolfssl_config: --enable-wolftpm --enable-pkcallbacks --enable-keygen --enable-dilithium --enable-mlkem --enable-experimental --enable-harden
+            build_only: false
+
+          # v1.85 PQC: build-only safety net with DEBUG_WOLFTPM so any
+          # printf-format-string drift in v1.85-guarded debug paths breaks
+          # the build instead of silently corrupting log output. No
+          # --enable-swtpm because build-only never invokes the socket client.
+          - name: fwtpm-v185-build-only
+            os: ubuntu-latest
+            wolftpm_config: --enable-fwtpm --enable-v185
+            wolfssl_config: --enable-wolftpm --enable-pkcallbacks --enable-keygen --enable-dilithium --enable-mlkem --enable-experimental --enable-harden
+            build_only: true
+            extra_cflags: -DDEBUG_WOLFTPM
+
           # Build-only: fwTPM with RSA disabled
           - name: fwtpm-no-rsa
             os: ubuntu-latest

.github/workflows/make-test-swtpm.yml

@@ -303,6 +303,24 @@ jobs:
             test_command: "make check && WOLFSSL_PATH=./wolfssl NO_PUBASPRIV=1 ./examples/run_examples.sh"
             needs_install: true
 
+          # v1.85 PQC: swtpm-backed wrapper coverage. Triggers run_examples.sh
+          # Build-only: --enable-v185 against PQC+pkcallbacks wolfSSL. swtpm
+          # has no PQC, so runtime PQC tests live in fwtpm-v185.
+          - name: v185-pqc-swtpm-build
+            wolfssl_config: "--enable-wolftpm --enable-pkcallbacks --enable-keygen --enable-dilithium --enable-mlkem --enable-experimental --enable-harden"
+            wolftpm_config: "--enable-v185"
+            test_command: "make"
+
+          # Regression: build the v185-pq-support branch WITHOUT --enable-v185
+          # to catch #ifdef WOLFTPM_V185 drift in tpm2_packet.c / tpm2_wrap.c
+          # (a PQC-only declaration leaking out of its guard breaks classical
+          # builds and would otherwise be invisible in CI — every other
+          # classical entry runs against master, never against this branch).
+          - name: v138-regression-after-v185
+            wolfssl_config: "--enable-wolftpm --enable-pkcallbacks --enable-keygen"
+            wolftpm_config: "--enable-fwtpm"
+            test_command: "make check && WOLFSSL_PATH=./wolfssl ./examples/run_examples.sh"
+
     steps:
       - name: Checkout wolfTPM
         uses: actions/checkout@master

.github/workflows/pqc-examples.yml

@@ -0,0 +1,174 @@
+name: PQC Examples (v1.85)
+
+on:
+  push:
+    branches: [ 'master', 'main', 'release/**' ]
+  pull_request:
+    branches: [ '*' ]
+
+jobs:
+  pqc-examples:
+    runs-on: ubuntu-latest
+    timeout-minutes: 30
+
+    steps:
+      - name: Checkout wolfTPM
+        uses: actions/checkout@v4
+
+      - name: Checkout wolfSSL
+        uses: actions/checkout@v4
+        with:
+          repository: wolfssl/wolfssl
+          path: wolfssl
+          ref: master
+
+      - name: Install build deps + tpm2-tools
+        run: |
+          sudo apt-get update
+          sudo apt-get install -y tpm2-tools libtss2-tcti-mssim0
+
+      - name: Build wolfSSL with PQC
+        working-directory: ./wolfssl
+        run: |
+          ./autogen.sh
+          ./configure --enable-wolftpm --enable-pkcallbacks --enable-keygen \
+                      --enable-dilithium --enable-mlkem --enable-experimental \
+                      --enable-harden \
+                      CFLAGS="-DWC_RSA_NO_PADDING"
+          make
+          sudo make install
+          sudo ldconfig
+
+      - name: Build wolfTPM with v1.85 + fwTPM + debug
+        run: |
+          ./autogen.sh
+          # --enable-swtpm omitted: it's the Linux configure default
+          # (configure.ac:287). Passing it explicitly was redundant.
+          # --enable-debug=verbose: full client + fwTPM dispatch logs so
+          # CI failures (e.g. keyload integrity) come with TPM-side trace.
+          ./configure --enable-v185 --enable-fwtpm --enable-debug=verbose
+          make
+
+      # ----- Tier 1: make check -----
+      # Runs unit.test (wrapper) + fwtpm_unit.test (handler) + tpm2-tools
+      # compatibility + tests/pqc_mssim_e2e.sh in one shot via fwtpm_check.sh.
+      - name: make check (unit + fwtpm_unit + tpm2-tools + pqc_mssim_e2e.sh)
+        env:
+          WOLFSSL_PATH: ${{ github.workspace }}/wolfssl
+        run: |
+          FWTPM_USE_FIXED_PORT=1 \
+          sudo -E unshare --net /bin/bash -c '
+            set -e
+            ip link set lo up
+            make check
+          '
+          # make check runs as root via sudo -E unshare; restore ownership of
+          # any files left in the workspace so later steps (running as the
+          # unprivileged runner) can rewrite them — otherwise stale root-owned
+          # blobs (e.g. eccblob.bin) silently break run_examples.sh later.
+          sudo chown -R "$(id -u):$(id -g)" .
+
+      # ----- Tier 2: per-example standalone runs -----
+      # Each example gets its own GitHub Actions check so a regression
+      # surfaces with a clear failure signal — not buried inside make check.
+      - name: Start fwtpm_server for standalone example runs
+        run: |
+          rm -f fwtpm_nv.bin
+          ./src/fwtpm/fwtpm_server > /tmp/fwtpm_server.log 2>&1 &
+          echo $! > /tmp/fwtpm_server.pid
+          sleep 1
+          kill -0 $(cat /tmp/fwtpm_server.pid)
+
+      - name: PQC keygen — every parameter set
+        run: |
+          for ps in 44 65 87; do
+            ./examples/keygen/keygen mldsa_sk.bin -mldsa=$ps      || exit 1
+            ./examples/keygen/keygen hmldsa_sk.bin -hash_mldsa=$ps || exit 1
+          done
+          for ps in 512 768 1024; do
+            ./examples/keygen/keygen mlkem_sk.bin -mlkem=$ps || exit 1
+          done
+
+      - name: ML-DSA sign + verify example (standalone)
+        run: ./examples/pqc/mldsa_sign
+
+      - name: ML-KEM encap + decap example (standalone)
+        run: ./examples/pqc/mlkem_encap
+
+      - name: Stop Tier 2 fwtpm_server (free port 2321 for E2E)
+        run: |
+          if [ -f /tmp/fwtpm_server.pid ]; then
+            kill "$(cat /tmp/fwtpm_server.pid)" 2>/dev/null || true
+            rm -f /tmp/fwtpm_server.pid
+          fi
+          # Defensive: kill any other default-port server lingering.
+          pkill -f "fwtpm_server$" 2>/dev/null || true
+          sleep 1
+
+      - name: PQC mssim E2E (MLKEM-768 + HashMLDSA-65 round-trips)
+        run: ./tests/pqc_mssim_e2e.sh
+
+      - name: Restart fwtpm_server for Tier 5 (run_examples.sh)
+        run: |
+          # pqc_mssim_e2e.sh started + stopped its own server; Tier 5 needs
+          # one again. Reuse the same default-port launch as Tier 2.
+          pkill -f "fwtpm_server" 2>/dev/null || true
+          sleep 1
+          rm -f fwtpm_nv.bin
+          ./src/fwtpm/fwtpm_server > /tmp/fwtpm_server.log 2>&1 &
+          echo $! > /tmp/fwtpm_server.pid
+          sleep 1
+          kill -0 "$(cat /tmp/fwtpm_server.pid)"
+
+      - name: Doc constants parity check
+        run: |
+          ./tests/check_doc_constants.sh
+          rc=$?
+          if [ $rc -eq 77 ]; then
+            echo "Step skipped (exit 77 — header or doc missing)"
+            exit 0
+          fi
+          exit $rc
+
+      # ----- Tier 5: full run_examples.sh sweep -----
+      # run_examples.sh does not start its own TPM — it expects one already
+      # listening. Reuse the fwtpm_server started in Tier 2. Trace each
+      # command (set -x) so the failing call line is in the CI log; on
+      # failure, dump run.out (where the script redirects example stdout).
+      - name: run_examples.sh full pass (auto-detects v1.85, runs 18-way matrix)
+        env:
+          WOLFSSL_PATH: ${{ github.workspace }}/wolfssl
+        run: |
+          set +e
+          bash -x ./examples/run_examples.sh
+          rc=$?
+          set -e
+          if [ $rc -ne 0 ]; then
+            echo "=== run.out (last 200 lines) ==="
+            tail -200 run.out
+            echo "=== fwtpm_server.log (last 100 lines) ==="
+            tail -100 /tmp/fwtpm_server.log
+          fi
+          exit $rc
+
+      - name: Stop fwtpm_server
+        if: always()
+        run: |
+          if [ -f /tmp/fwtpm_server.pid ]; then
+            kill $(cat /tmp/fwtpm_server.pid) 2>/dev/null || true
+            rm -f /tmp/fwtpm_server.pid
+          fi
+
+      - name: Upload failure logs
+        if: failure()
+        uses: actions/upload-artifact@v4
+        with:
+          name: pqc-examples-logs
+          path: |
+            /tmp/fwtpm_server.log
+            /tmp/fwtpm_check_*.log
+            test-suite.log
+            tests/*.log
+            config.log
+            run.out
+          retention-days: 5

.github/workflows/sanitizer.yml

@@ -31,6 +31,40 @@ jobs:
             cflags: "-fsanitize=leak -fno-omit-frame-pointer -g"
             ldflags: "-fsanitize=leak"
 
+          # v1.85 PQC sanitizer coverage — three entries because each catches
+          # a different bug class. SWTPM transport is the Linux configure
+          # default (configure.ac:287); explicit flag omitted everywhere.
+          # ASan: heap-buffer-overflow / use-after-scope on the new sequence-
+          # handle objects + PQC marshaling paths.
+          - name: "ASan-v185"
+            cflags: "-fsanitize=address -O1 -fno-omit-frame-pointer -g"
+            ldflags: "-fsanitize=address"
+            asan_options: "detect_leaks=0"
+            wolftpm_extra_config: "--enable-v185"
+            wolfssl_extra_config: "--enable-dilithium --enable-mlkem --enable-experimental --enable-harden"
+
+          # UBSan-v185: enables undefined-behavior checks but disables
+          # `alignment` (wolfSSL dilithium internal sword32 reads from
+          # byte buffers) and the integer overflow/shift checks (wolfSSL
+          # Hash_df 440<<24) — both pre-existing wolfSSL UB.
+          - name: "UBSan-v185"
+            cc: clang
+            cflags: "-fsanitize=undefined -fno-sanitize=alignment,signed-integer-overflow,shift -fno-sanitize-recover=all -fno-omit-frame-pointer -g"
+            ldflags: "-fsanitize=undefined"
+            ubsan_options: "halt_on_error=1:print_stacktrace=1"
+            wolftpm_extra_config: "--enable-v185"
+            wolfssl_extra_config: "--enable-dilithium --enable-mlkem --enable-experimental --enable-harden"
+
+          # MSan-v185: Pure ML-DSA one-shot signing and streaming Hash-ML-DSA
+          # both allocate sequence-handle state incrementally — partial-init
+          # reads on those buffers are MSan territory, not ASan.
+          - name: "MSan-v185"
+            cc: clang
+            cflags: "-fsanitize=memory -fsanitize-memory-track-origins=2 -fno-omit-frame-pointer -O1 -g"
+            ldflags: "-fsanitize=memory"
+            wolftpm_extra_config: "--enable-v185"
+            wolfssl_extra_config: "--enable-dilithium --enable-mlkem --enable-experimental --enable-harden"
+
     steps:
       - name: Workaround high-entropy ASLR
         run: sudo sysctl vm.mmap_rnd_bits=28
@@ -53,7 +87,8 @@ jobs:
         working-directory: ./wolfssl
         run: |
           ./autogen.sh
-          ./configure --enable-wolftpm --enable-pkcallbacks --enable-keygen \
+          CC=${{ matrix.cc || 'gcc' }} ./configure --enable-wolftpm --enable-pkcallbacks --enable-keygen \
+              ${{ matrix.wolfssl_extra_config }} \
               --prefix=/tmp/wolfssl-install \
               CFLAGS="-DWC_RSA_NO_PADDING ${{ matrix.cflags }}" \
               LDFLAGS="${{ matrix.ldflags }}"
@@ -63,7 +98,8 @@ jobs:
       - name: Build wolfTPM with fwTPM + ${{ matrix.name }}
         run: |
           ./autogen.sh
-          ./configure --enable-fwtpm --enable-swtpm --enable-debug \
+          CC=${{ matrix.cc || 'gcc' }} ./configure --enable-fwtpm --enable-swtpm --enable-debug \
+              ${{ matrix.wolftpm_extra_config }} \
               --with-wolfcrypt=/tmp/wolfssl-install \
               CFLAGS="${{ matrix.cflags }}" \
               LDFLAGS="${{ matrix.ldflags }}"

.gitignore

@@ -70,6 +70,9 @@ examples/keygen/keyload
 examples/keygen/keygen
 examples/keygen/keyimport
 examples/keygen/external_import
+examples/pqc/mldsa_sign
+examples/pqc/mlkem_encap
+examples/pqc/pqc_mssim_e2e
 examples/nvram/extend
 examples/nvram/store
 examples/nvram/read