mirror of
https://github.com/wolfSSL/wolfssl.git
synced 2026-07-05 16:30:49 +02:00
f16216e5b8
wc_SlhDsaKey_{Sign,Verify}Hash* previously accepted the raw message and
performed the pre-hash internally. They now require the caller to hash the
message first and pass the resulting digest -- the functions no longer call
wc_*Hash() themselves and feed the supplied digest directly into the M'
construction. Parameters are renamed from msg/msgSz to hash/hashSz to reflect
this, and hashSz is validated against wc_HashGetDigestSize(hashType) per
FIPS 205 Section 10.2.2 (32 for SHAKE128, 64 for SHAKE256), returning
BAD_LENGTH_E on mismatch.
This matches ML-DSA's wc_dilithium_{sign,verify}_ctx_hash, NIST ACVP
signatureInterface=external / preHash=preHash vectors, and other libraries
(OpenSSL HASH-ML-DSA, leancrypto, mldsa-native). It also enables distributed
signers and HSM-style flows where the digest is computed separately from the
signing operation.
Migration: callers must now hash the message before invoking these APIs;
passing the raw message will either fail length validation or produce
signatures over the wrong input. The M'-supplied wc_SlhDsaKey_SignMsg* /
VerifyMsg family (FIPS 205 internal interface, Algorithms 19/20) is
unchanged but gains stricter input validation and doxygen coverage.
63 lines
2.8 KiB
C
63 lines
2.8 KiB
C
/* test_slhdsa.h
|
|
*
|
|
* Copyright (C) 2006-2026 wolfSSL Inc.
|
|
*
|
|
* This file is part of wolfSSL.
|
|
*
|
|
* wolfSSL is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
* the Free Software Foundation; either version 3 of the License, or
|
|
* (at your option) any later version.
|
|
*
|
|
* wolfSSL is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License
|
|
* along with this program; if not, write to the Free Software
|
|
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
|
|
*/
|
|
|
|
#ifndef WOLFCRYPT_TEST_SLHDSA_H
|
|
#define WOLFCRYPT_TEST_SLHDSA_H
|
|
|
|
#include <tests/api/api_decl.h>
|
|
|
|
int test_wc_slhdsa(void);
|
|
int test_wc_slhdsa_sizes(void);
|
|
int test_wc_slhdsa_make_key(void);
|
|
int test_wc_slhdsa_sign(void);
|
|
int test_wc_slhdsa_verify(void);
|
|
int test_wc_slhdsa_sign_vfy(void);
|
|
int test_wc_slhdsa_sign_hash(void);
|
|
int test_wc_slhdsa_sign_msg(void);
|
|
int test_wc_slhdsa_export_import(void);
|
|
int test_wc_slhdsa_check_key(void);
|
|
int test_wc_slhdsa_der_roundtrip(void);
|
|
int test_wc_slhdsa_der_negative(void);
|
|
int test_wc_slhdsa_der_decode_files(void);
|
|
int test_wc_slhdsa_x509_i2d_roundtrip(void);
|
|
int test_wc_slhdsa_param_disabled(void);
|
|
int test_wc_slhdsa_decoder_disabled_oid(void);
|
|
|
|
#define TEST_SLHDSA_DECLS \
|
|
TEST_DECL_GROUP("slhdsa", test_wc_slhdsa), \
|
|
TEST_DECL_GROUP("slhdsa", test_wc_slhdsa_sizes), \
|
|
TEST_DECL_GROUP("slhdsa", test_wc_slhdsa_make_key), \
|
|
TEST_DECL_GROUP("slhdsa", test_wc_slhdsa_sign), \
|
|
TEST_DECL_GROUP("slhdsa", test_wc_slhdsa_verify), \
|
|
TEST_DECL_GROUP("slhdsa", test_wc_slhdsa_sign_vfy), \
|
|
TEST_DECL_GROUP("slhdsa", test_wc_slhdsa_sign_hash), \
|
|
TEST_DECL_GROUP("slhdsa", test_wc_slhdsa_sign_msg), \
|
|
TEST_DECL_GROUP("slhdsa", test_wc_slhdsa_export_import), \
|
|
TEST_DECL_GROUP("slhdsa", test_wc_slhdsa_check_key), \
|
|
TEST_DECL_GROUP("slhdsa", test_wc_slhdsa_der_roundtrip), \
|
|
TEST_DECL_GROUP("slhdsa", test_wc_slhdsa_der_negative), \
|
|
TEST_DECL_GROUP("slhdsa", test_wc_slhdsa_der_decode_files), \
|
|
TEST_DECL_GROUP("slhdsa", test_wc_slhdsa_x509_i2d_roundtrip), \
|
|
TEST_DECL_GROUP("slhdsa", test_wc_slhdsa_param_disabled), \
|
|
TEST_DECL_GROUP("slhdsa", test_wc_slhdsa_decoder_disabled_oid)
|
|
|
|
#endif /* WOLFCRYPT_TEST_SLHDSA_H */
|