mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-10 11:10:55 +02:00
Merge pull request #9965 from kojo1/mldsa
Add ML-DSA to X509_get_pubkey and EVP_PKEY_base_id
This commit is contained in:
@@ -30266,3 +30266,57 @@ int test_mldsa_pkcs12(void)
|
||||
#endif
|
||||
return EXPECT_RESULT();
|
||||
}
|
||||
|
||||
/* Test wolfSSL_X509_get_signature_type() and wolfSSL_X509_get_pubkey() /
|
||||
* wolfSSL_EVP_PKEY_base_id() with ML-DSA self-signed certificates loaded
|
||||
* from PEM files (certs/mldsa/mldsa{44,65,87}-cert.pem).
|
||||
*
|
||||
* These certs are generated by renewcerts.sh using OpenSSL 3.3+. */
|
||||
int test_mldsa_x509_pubkey_sigtype(void)
|
||||
{
|
||||
EXPECT_DECLS;
|
||||
#if defined(HAVE_DILITHIUM) && defined(OPENSSL_EXTRA) && \
|
||||
!defined(NO_CERTS) && !defined(NO_FILESYSTEM)
|
||||
static const struct {
|
||||
const char* pem_path;
|
||||
int expected_sig_oid; /* CTC_ML_DSA_LEVEL* (stored as int,
|
||||
* same bit pattern as word32 return) */
|
||||
} cases[] = {
|
||||
{ "./certs/mldsa/mldsa44-cert.pem", (int)CTC_ML_DSA_LEVEL2 },
|
||||
{ "./certs/mldsa/mldsa65-cert.pem", (int)CTC_ML_DSA_LEVEL3 },
|
||||
{ "./certs/mldsa/mldsa87-cert.pem", (int)CTC_ML_DSA_LEVEL5 },
|
||||
};
|
||||
int i;
|
||||
int n = (int)(sizeof(cases) / sizeof(cases[0]));
|
||||
|
||||
for (i = 0; i < n; i++) {
|
||||
WOLFSSL_X509* x509 = NULL;
|
||||
WOLFSSL_EVP_PKEY* pkey = NULL;
|
||||
int sig_oid;
|
||||
int base_id;
|
||||
|
||||
/* Load PEM certificate */
|
||||
ExpectNotNull(x509 = wolfSSL_X509_load_certificate_file(
|
||||
cases[i].pem_path, WOLFSSL_FILETYPE_PEM));
|
||||
if (x509 == NULL)
|
||||
continue;
|
||||
|
||||
/* wolfSSL_X509_get_signature_type() must return the ML-DSA OID sum */
|
||||
sig_oid = wolfSSL_X509_get_signature_type(x509);
|
||||
ExpectIntEQ(sig_oid, cases[i].expected_sig_oid);
|
||||
|
||||
/* wolfSSL_X509_get_pubkey() must succeed */
|
||||
ExpectNotNull(pkey = wolfSSL_X509_get_pubkey(x509));
|
||||
|
||||
if (pkey != NULL) {
|
||||
/* wolfSSL_EVP_PKEY_base_id() must identify the key as Dilithium */
|
||||
base_id = wolfSSL_EVP_PKEY_base_id(pkey);
|
||||
ExpectIntEQ(base_id, WC_EVP_PKEY_DILITHIUM);
|
||||
wolfSSL_EVP_PKEY_free(pkey);
|
||||
}
|
||||
|
||||
wolfSSL_X509_free(x509);
|
||||
}
|
||||
#endif /* HAVE_DILITHIUM && OPENSSL_EXTRA && !NO_CERTS && !NO_FILESYSTEM */
|
||||
return EXPECT_RESULT();
|
||||
}
|
||||
|
||||
@@ -45,6 +45,7 @@ int test_mldsa_pkcs8_import_OpenSSL_form(void);
|
||||
int test_mldsa_pkcs8_export_import_wolfSSL_form(void);
|
||||
int test_wc_dilithium_encode_w1_large_values(void);
|
||||
int test_mldsa_pkcs12(void);
|
||||
int test_mldsa_x509_pubkey_sigtype(void);
|
||||
|
||||
#define TEST_MLDSA_DECLS \
|
||||
TEST_DECL_GROUP("mldsa", test_wc_dilithium), \
|
||||
@@ -67,6 +68,7 @@ int test_mldsa_pkcs12(void);
|
||||
TEST_DECL_GROUP("mldsa", test_mldsa_pkcs8_import_OpenSSL_form), \
|
||||
TEST_DECL_GROUP("mldsa", test_mldsa_pkcs8_export_import_wolfSSL_form), \
|
||||
TEST_DECL_GROUP("mldsa", test_wc_dilithium_encode_w1_large_values), \
|
||||
TEST_DECL_GROUP("mldsa", test_mldsa_pkcs12)
|
||||
TEST_DECL_GROUP("mldsa", test_mldsa_pkcs12), \
|
||||
TEST_DECL_GROUP("mldsa", test_mldsa_x509_pubkey_sigtype)
|
||||
|
||||
#endif /* WOLFCRYPT_TEST_MLDSA_H */
|
||||
|
||||
Reference in New Issue
Block a user