From c1500f862290ee571ad7bbca6b3061e48ac0fa89 Mon Sep 17 00:00:00 2001 From: Daniele Lacamera Date: Thu, 9 Jul 2026 10:51:29 +0200 Subject: [PATCH] tests: import the falcon benchmark key instead of OQS keygen test_wc_falcon_sign_verify aborted (SIGABRT) when run as part of the full unit suite in liboqs configs. The direct OQS_SIG_keypair() call draws from liboqs' randombytes callback, which wolfSSL points at its default liboqs RNG; wolfSSL_liboqsClose() (run by wolfCrypt_Cleanup) frees that RNG without resetting liboqs_init, so after any earlier Init/Cleanup cycle in the suite the re-Init never re-creates it and the callback abort()s on the freed RNG. Running the test alone passed, which is why this only surfaced in make check. Drop the direct liboqs usage entirely: decode the embedded bench_falcon_level1_key (certs_test.h) with wc_Falcon_PrivateKeyDecode and exercise sign/verify through the wolfSSL API only, which hands the test's own RNG to liboqs and does not depend on the default-RNG lifecycle. Also removes the oqs/oqs.h include and the OQS_STATUS handling; with no liboqs symbols left in the body, only the guard still references HAVE_LIBOQS, easing the planned liboqs removal. Validated in --with-liboqs --enable-experimental --enable-falcon (the failing PRB-liboqs config): the full unit suite now completes with the test passing at the position that aborted; also passes under opensslall+falcon and compiles clean with -Werror=bad-function-cast. --- tests/api/test_signature.c | 50 ++++++++++++++++---------------------- 1 file changed, 21 insertions(+), 29 deletions(-) diff --git a/tests/api/test_signature.c b/tests/api/test_signature.c index e8e928c42f..5a25917e72 100644 --- a/tests/api/test_signature.c +++ b/tests/api/test_signature.c @@ -35,9 +35,6 @@ #include #ifdef HAVE_FALCON #include - #ifdef HAVE_LIBOQS - #include - #endif #endif #include #include @@ -174,12 +171,9 @@ int test_wc_falcon_sign_verify(void) #if defined(HAVE_FALCON) && defined(HAVE_LIBOQS) falcon_key key; WC_RNG rng; - OQS_SIG* oqssig = NULL; - OQS_STATUS oqs_status; - byte pub[FALCON_LEVEL1_PUB_KEY_SIZE]; - byte priv[FALCON_LEVEL1_KEY_SIZE]; byte sig[FALCON_LEVEL1_SIG_SIZE]; word32 sigLen = (word32)sizeof(sig); + word32 idx = 0; int verified = 0; static const byte msg[] = "wolfssl falcon coverage"; @@ -188,29 +182,27 @@ int test_wc_falcon_sign_verify(void) ExpectIntEQ(wc_falcon_set_level(&key, 1), 0); ExpectIntEQ(wc_InitRng(&rng), 0); - ExpectNotNull(oqssig = OQS_SIG_new(OQS_SIG_alg_falcon_512)); - if (oqssig != NULL) { - /* Keep the call out of ExpectIntEQ: the macro casts its arguments to - * int, and casting a function call returning the OQS_STATUS enum - * trips -Werror=bad-function-cast; casting a variable does not. */ - oqs_status = OQS_SIG_keypair(oqssig, pub, priv); - ExpectIntEQ((int)oqs_status, (int)OQS_SUCCESS); - ExpectIntEQ(wc_falcon_import_private_key(priv, (word32)sizeof(priv), pub, - (word32)sizeof(pub), &key), 0); - ExpectIntGT(wc_falcon_size(&key), 0); - ExpectIntGT(wc_falcon_pub_size(&key), 0); - ExpectIntGT(wc_falcon_priv_size(&key), 0); - ExpectIntGT(wc_falcon_sig_size(&key), 0); - ExpectIntEQ(wc_falcon_sign_msg(msg, (word32)sizeof(msg), sig, &sigLen, - &key, &rng), 0); - ExpectIntEQ(wc_falcon_verify_msg(sig, sigLen, msg, (word32)sizeof(msg), - &verified, &key), 0); - ExpectIntEQ(verified, 1); - } + /* Use the embedded benchmark key rather than generating one with a + * direct OQS_SIG_keypair() call: that call draws from liboqs' + * randombytes callback, which wolfSSL points at its default liboqs RNG. + * Any earlier wolfCrypt_Init/Cleanup cycle in this suite leaves that RNG + * freed (wolfSSL_liboqsClose() does not reset liboqs_init, so re-Init + * never re-creates it) and the callback then abort()s. The wolfSSL API + * paths below hand OUR rng to liboqs instead, so they do not depend on + * that state. */ + ExpectIntEQ(wc_Falcon_PrivateKeyDecode(bench_falcon_level1_key, &idx, + &key, (word32)sizeof_bench_falcon_level1_key), 0); + + ExpectIntGT(wc_falcon_size(&key), 0); + ExpectIntGT(wc_falcon_pub_size(&key), 0); + ExpectIntGT(wc_falcon_priv_size(&key), 0); + ExpectIntGT(wc_falcon_sig_size(&key), 0); + ExpectIntEQ(wc_falcon_sign_msg(msg, (word32)sizeof(msg), sig, &sigLen, + &key, &rng), 0); + ExpectIntEQ(wc_falcon_verify_msg(sig, sigLen, msg, (word32)sizeof(msg), + &verified, &key), 0); + ExpectIntEQ(verified, 1); - if (oqssig != NULL) { - OQS_SIG_free(oqssig); - } DoExpectIntEQ(wc_FreeRng(&rng), 0); wc_falcon_free(&key); #endif