Create ML-DSA-44 & ML-DSA-65 keys if ML-DSA-44 can be created with the installed version of OpenSSL. Add test cases for signing and verifying with these types of keys.
Do not test with ML-DSA-87 keys since the signatures they create may be too large for some filesystems' xattrs. On Btrfs for example it would be possible to store the large signatures. Signed-off-by: Stefan Berger <[email protected]> --- tests/gen-keys.sh | 22 ++++++++++++++++++++++ tests/sign_verify.test | 40 ++++++++++++++++++++++++++++++++-------- 2 files changed, 54 insertions(+), 8 deletions(-) diff --git a/tests/gen-keys.sh b/tests/gen-keys.sh index db0189a..13e6d77 100755 --- a/tests/gen-keys.sh +++ b/tests/gen-keys.sh @@ -148,6 +148,28 @@ if [ -x /opt/openssl3/bin/openssl ]; then done) fi +# If creating mldsa44 key works, create all ML-DSA sizes +if openssl genpkey -algorithm mldsa44 &>/dev/null; then + for mldsa in mldsa44 mldsa65; do + if [ "$1" = clean ] || [ "$1" = force ]; then + rm -f test-$mldsa.cer test-$mldsa.key test-$mldsa.pub + fi + if [ "$1" = clean ]; then + continue + fi + if [ ! -e test-$mldsa.key ]; then + log openssl req -verbose -new -nodes -utf8 -sha256 -days 10000 -batch -x509 \ + -config test-ca.conf \ + -newkey "$mldsa" \ + -out test-$mldsa.cer -outform DER \ + -keyout test-$mldsa.key + if [ -s test-$mldsa.key ]; then + log openssl pkey -in test-$mldsa.key -out test-$mldsa.pub -pubout + fi + fi + done +fi + # This script leaves test-ca.conf, *.cer, *.pub, *.key files for sing/verify tests. # They are never deleted except by `make distclean'. diff --git a/tests/sign_verify.test b/tests/sign_verify.test index 9319123..2b94b91 100755 --- a/tests/sign_verify.test +++ b/tests/sign_verify.test @@ -166,8 +166,15 @@ check_sign() { fi # Can openssl sign with this digest and key? - cmd="openssl dgst $OPENSSL_ENGINE $OPENSSL_KEYFORM -$ALG -sign $key -hex $FILE" - echo - "$cmd" + case "${KEY:0:10}" in + "test-mldsa") + cmd="openssl pkeyutl -sign -inkey $key -in $FILE" + echo >> "$FILE" # need at least 1 byte in the file for signing to work + ;; + *) + cmd="openssl dgst $OPENSSL_ENGINE $OPENSSL_KEYFORM -$ALG -sign $key -hex $FILE" + ;; + esac if ! $cmd >/dev/null; then echo "${CYAN}$ALG ($key) test is skipped (openssl is unable to sign)$NORM" return "$SKIP" @@ -216,11 +223,21 @@ check_sign() { if [[ "$OPTS" =~ "--v3" ]]; then # In case of v3 signatures we need to create ima_file_id now. # All data for it can be found in PREFIX and by hashing $FILE. - echo -en "\x${PREFIX:2:2}\x${PREFIX:6:2}" > "$FILE.tmp" + echo -en "\x${PREFIX:2:2}\x${PREFIX:6:2}" > "$FILE.ima_file_id" # shellcheck disable=SC2086 - openssl dgst $OPENSSL_ENGINE $OPENSSL_KEYFORM -"$ALG" -binary "$FILE" >> "$FILE.tmp" - cmd="openssl dgst $OPENSSL_ENGINE $OPENSSL_KEYFORM -$ALG -verify ${verifykey} \ - -signature $FILE.sig2 $FILE.tmp" + openssl dgst $OPENSSL_ENGINE $OPENSSL_KEYFORM -"$ALG" -binary "$FILE" \ + >> "$FILE.ima_file_id" + + case "${KEY:0:10}" in + "test-mldsa") + # ML-DSA does not accept a hash algorithm on command line + cmd="openssl dgst $OPENSSL_ENGINE $OPENSSL_KEYFORM -verify ${verifykey} \ + -signature $FILE.sig2 $FILE.ima_file_id" + ;; + *) + cmd="openssl dgst $OPENSSL_ENGINE $OPENSSL_KEYFORM -$ALG -verify ${verifykey} \ + -signature $FILE.sig2 $FILE.ima_file_id" + esac sigver=3 else cmd="openssl dgst $OPENSSL_ENGINE $OPENSSL_KEYFORM -$ALG -verify ${verifykey} \ @@ -232,11 +249,11 @@ check_sign() { color_red_on_failure echo "Signature v${sigver} verification with openssl is failed." color_restore - rm "$FILE.sig2" "$FILE.tmp" + rm "$FILE.sig2" "$FILE.ima_file_id" return "$FAIL" fi - rm "$FILE.sig2" "$FILE.tmp" + rm "$FILE.sig2" "$FILE.ima_file_id" return "$OK" } @@ -424,6 +441,13 @@ sign_verify prime256v1 sha256 0x030304:K:004[345678] --v3 sign_verify prime256v1 sha384 0x030305:K:004[345678] --v3 sign_verify prime256v1 sha512 0x030306:K:004[345678] --v3 +sign_verify mldsa44 sha256 0x030304:K:0974 --v3 +sign_verify mldsa44 sha384 0x030305:K:0974 --v3 +sign_verify mldsa44 sha512 0x030306:K:0974 --v3 +sign_verify mldsa65 sha256 0x030304:K:0ced --v3 +sign_verify mldsa65 sha384 0x030305:K:0ced --v3 +sign_verify mldsa65 sha512 0x030306:K:0ced --v3 + # If openssl 3.0 is installed, test the SM2/3 algorithm combination ssl_major_version=$(openssl version | sed -n 's/^OpenSSL \([^\.]\).*/\1/p') if [ "${ssl_major_version}" = 3 ]; then -- 2.53.0
