Remove deprecated external liblms and libxmss library support #8
Closed
The external hash-sigs (liblms) and xmss-reference (libxmss) library
backends were already marked deprecated in INSTALL, since wolfCrypt
now ships its own LMS/HSS and XMSS/XMSS^MT implementations in wc_lms
and wc_xmss. Retire the external path entirely:
- Delete wolfcrypt/src/ext_{lms,xmss}.c and wolfssl/wolfcrypt/ext_{lms,xmss}.h
- Drop --with-liblms / --with-libxmss configure options, the
HAVE_LIBLMS / HAVE_LIBXMSS macros, and the BUILD_LIBLMS /
BUILD_LIBXMSS automake conditionals
- Collapse HAVE_LIB{LMS,XMSS} header/source guards in tests,
benchmarks, and the linux kernel module export template
- Remove the hash-sigs install step from Docker/Dockerfile
- Remove ext_{lms,xmss}.c from the INTIME-RTOS VS project
- Update INSTALL and ChangeLog.md
https://claude.ai/code/session_01CEeSVaiiJ6ziyya3CCz5RK
With external liblms/libxmss support removed, WOLFSSL_WC_LMS and WOLFSSL_WC_XMSS no longer distinguish between backends - they are tautologically equal to WOLFSSL_HAVE_LMS / WOLFSSL_HAVE_XMSS. Retire them to avoid leaving dead vocabulary in the codebase.
- configure.ac: drop ENABLED_WC_LMS / ENABLED_WC_XMSS, stop defining -DWOLFSSL_WC_LMS / -DWOLFSSL_WC_XMSS, rename BUILD_WC_LMS / BUILD_WC_XMSS to BUILD_LMS / BUILD_XMSS, and remove the redundant "LMS/XMSS wolfSSL impl" summary echo lines
- CMakeLists.txt: drop -DWOLFSSL_WC_LMS definition alongside HAVE_LMS
- src/include.am: rename guard conditionals to BUILD_LMS / BUILD_XMSS
- Collapse "#if defined(HAVE_LMS) && defined(WC_LMS)" guards in wc_lms.c / wc_lms_impl.c / wc_lms.h and tests/api.c to just HAVE_LMS
- Drop the "#if !defined(WOLFSSL_WC_XMSS) #error" guard from wc_xmss.h
- settings.h: swap WC_LMS/WC_XMSS for HAVE_LMS/HAVE_XMSS in W64_WRAPPER and int encode/decode feature triggers
- test.c/test.h: drop redundant WOLFSSL_WC_LMS clause from the lms_test_verify_only gate
- benchmark.c: simplify "!defined(WOLFSSL_WC_LMS) || X" parameter-set gates (keep just X) and remove an XMSS pub-len check that only ran on the external backend
- user_settings_pq.h / user_settings_wolfboot_keytools.h: drop WOLFSSL_WC_LMS / WOLFSSL_WC_XMSS defines
- ChangeLog: document the macro removal
https://claude.ai/code/session_01CEeSVaiiJ6ziyya3CCz5RK
Frauschi commented Apr 23, 2026
Per PR review feedback: the release notes will be updated separately. https://claude.ai/code/session_01CEeSVaiiJ6ziyya3CCz5RK
Frauschi pushed a commit that referenced this pull request May 3, 2026
Negative findings from review of 3b2d711:
- Drop redundant `(word16)` inner cast in `wc_xmss_impl.c` (#1): `(word16)((word16)hs * n)` -> `(word16)(hs * n)`. The inner cast added nothing; word8 promotes to int regardless.
- Normalize `(word32)1` to `(word32)1U` across the file (#5) so the pre-existing call sites match the style of the new shifts.
- Defensive guard in `wc_xmss_hash_message` (#2): if `idx_len > params->n` ever holds, the explicit `(word32)(params->n - idx_len)` cast that silenced the warning would otherwise produce a ~4 GB XMEMSET. Set state->ret = WC_FAILURE and bail; the invariant is structural for valid parameter sets.
- Defensive guard in `wc_idx_copy` (#3): if `dl < sl` is ever passed, the word32 subtraction wraps and the XMEMSET corrupts memory. Same structural invariant; early return rather than crash.
- Extend `test_xmss_runtime` (#7, #8) from 2 to 4 configurations:
  1. --enable-xmss (default)
  2. --enable-xmss=yes,small
  3. --enable-xmss=yes,verify-only (NEW: RFC 8391 test vectors)
  4. --enable-xmss --enable-32bit -m32 (NEW: catches 32-bit width-dependent bugs in tree-index arithmetic; XmssIdx narrows to word32 there)
  The 32-bit row needs gcc-multilib so the job now installs it.
Verified locally:
- All 13 build_library matrix rows compile clean under the conversion flags.
- testwolfcrypt's "XMSS Vfy" / "XMSS" pass for --enable-xmss, --enable-xmss=yes,small, --enable-xmss=yes,verify-only, and --enable-xmss --enable-32bit (4/4).
- bench_xmss_xmssmt re-run with `-DBENCH_MIN_RUNTIME_SEC=5.0F` for longer averaging. Sign/verify deltas range -10% to +15% with no coherent regression pattern across parameter sets (the largest moves in either direction are on neighbouring rows of the same hash family), consistent with shared-system run-to-run noise rather than a real perf change. Single-sample keygens (1 op per measurement) carry expectedly high variance (-7% to +57%); sign/verify with hundreds to thousands of ops per measurement are the meaningful signal.
https://claude.ai/code/session_01EJmy1bKDgHseTwZ5Qqpu1g
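The `dl < sl` guard described in the commit message above, as an added illustration that is not wolfSSL's code: `idx_copy_guarded`, `unguarded_pad_len` and the demo inputs are hypothetical. It assumes 8-bit length parameters, with `uint8_t`/`uint32_t` standing in for `word8`/`word32`.

```c
#include <stdint.h>
#include <string.h>

/* Hypothetical helper (not wolfSSL's wc_idx_copy): right-align an sl-byte
 * big-endian index in a dl-byte field and zero the leading bytes.
 * Returns 0 on success, -1 when the dl >= sl invariant is violated. */
static int idx_copy_guarded(const uint8_t *s, uint8_t sl, uint8_t *d, uint8_t dl)
{
    uint32_t pad;
    if (s == NULL || d == NULL || dl < sl)
        return -1;                 /* refuse instead of wrapping below */
    pad = (uint32_t)(dl - sl);     /* the guard keeps this in 0..255 */
    memset(d, 0, pad);
    memcpy(d + pad, s, sl);
    return 0;
}

/* Length an unguarded version would pass to memset: dl - sl is a negative
 * int after integer promotion, and the warning-silencing cast hides it. */
static uint32_t unguarded_pad_len(uint8_t sl, uint8_t dl)
{
    return (uint32_t)(dl - sl);
}

/* Constructed input: 3-byte index 0x00012c copied into an 8-byte field. */
static int demo_valid_copy(void)
{
    static const uint8_t idx[3] = { 0x00, 0x01, 0x2c };
    static const uint8_t want[8] = { 0, 0, 0, 0, 0, 0x00, 0x01, 0x2c };
    uint8_t out[8];
    memset(out, 0xff, sizeof(out));
    return (idx_copy_guarded(idx, 3, out, 8) == 0 &&
            memcmp(out, want, sizeof(want)) == 0) ? 0 : -1;
}

/* Constructed bad call: 4-byte source, 3-byte field; -1, field untouched. */
static int demo_rejected_copy(void)
{
    static const uint8_t idx[4] = { 1, 2, 3, 4 };
    uint8_t out[3] = { 0xaa, 0xaa, 0xaa };
    return (idx_copy_guarded(idx, 4, out, 3) == -1 &&
            out[0] == 0xaa && out[1] == 0xaa && out[2] == 0xaa) ? 0 : -1;
}

int main(void)
{
    return (unguarded_pad_len(4, 3) == UINT32_MAX &&
            demo_valid_copy() == 0 && demo_rejected_copy() == 0) ? 0 : 1;
}
```

With `sl = 4` and `dl = 3` the unguarded length evaluates to 4294967295, the same order of magnitude as the "~4 GB XMEMSET" the commit message mentions for `wc_xmss_hash_message`.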
Summary
- hash-sigs (liblms) and xmss-reference (libxmss) backends in favor of the internal wolfCrypt implementations (wc_lms, wc_xmss), which are already the default and have been marked as the supported path (external support was already labeled Deprecated in INSTALL).
- --with-liblms / --with-libxmss configure options, the HAVE_LIBLMS / HAVE_LIBXMSS macros, and the BUILD_LIBLMS / BUILD_LIBXMSS automake conditionals.
- WOLFSSL_WC_LMS / WOLFSSL_WC_XMSS macros and the corresponding BUILD_WC_LMS / BUILD_WC_XMSS automake conditionals. With the external backends gone these macros were tautologically equal to WOLFSSL_HAVE_LMS / WOLFSSL_HAVE_XMSS, so they've been consolidated onto the HAVE_* names.
- wolfcrypt/src/ext_{lms,xmss}.c and wolfssl/wolfcrypt/ext_{lms,xmss}.h (~2,200 lines of wrapper code) and collapses all HAVE_LIB{LMS,XMSS} and WOLFSSL_WC_{LMS,XMSS} conditionals in headers, tests, the benchmark suite, the Linux kernel module export template, the INTIME-RTOS VS project, Docker/Dockerfile, and INSTALL.

Release notes for these changes will land in ChangeLog.md separately.

Migration note for downstream users
- --with-liblms or --with-libxmss must switch to the default wolfCrypt backend (automatic under --enable-lms / --enable-xmss).
- user_settings.h files that defined WOLFSSL_WC_LMS or WOLFSSL_WC_XMSS should remove those lines — WOLFSSL_HAVE_LMS / WOLFSSL_HAVE_XMSS are now the only macros needed.
- WOLFSSL_WC_LMS_SMALL, WOLFSSL_WC_LMS_SERIALIZE_STATE, WOLFSSL_WC_XMSS_SMALL, and WOLFSSL_WC_XMSS_{MIN,MAX}_HASH_SIZE are retained — they are tuning knobs for the wolfCrypt implementation, not backend selectors.

Test plan
- ./autogen.sh regenerates the build system cleanly
- ./configure --help no longer lists --with-liblms or --with-libxmss
- ./configure && make -j$(nproc) succeeds
- ./configure --enable-lms --enable-xmss && make -j$(nproc) succeeds; testwolfcrypt reports LMS test passed! and XMSS test passed!
- ./configure --enable-lms=verify-only --enable-xmss=verify-only && make -j$(nproc) succeeds; testwolfcrypt reports LMS Vfy test passed! and XMSS Vfy test passed!
- ./tests/unit.test passes end-to-end
- ./wolfcrypt/benchmark/benchmark -lms_hss and -xmss_xmssmt run against the internal wolfCrypt backends
- grep -r 'HAVE_LIBLMS\|HAVE_LIBXMSS\|ext_lms\|ext_xmss\|BUILD_LIBLMS\|BUILD_LIBXMSS\|BUILD_WC_LMS\|BUILD_WC_XMSS' returns no hits, and bare WOLFSSL_WC_LMS / WOLFSSL_WC_XMSS references return no hits

Notes
- -DWOLFSSL_WC_LMS definition is also dropped in this PR.

https://claude.ai/code/session_01CEeSVaiiJ6ziyya3CCz5RK