git.ipfire.org Git - thirdparty/openssl.git/commit

author	slontis <shane.lontis@oracle.com>
	Wed, 2 Jul 2025 08:21:39 +0000 (18:21 +1000)
committer	Pauli <ppzgs1@gmail.com>
	Thu, 10 Jul 2025 09:04:37 +0000 (19:04 +1000)
commit	e6c8110483490de9fcc2ad20411a1a6e224685b6
tree	9d5870eae025ef4a725ce05ca86c335161b037fc	tree \| snapshot
parent	d3081a52e87bd86bb584d66b883c1f1f23af2446	commit \| diff

Add LMS evp_test using NIST ACVP test data.

This covers all LMS algorithm parameter sets.

The following changes were done to handle the tests:
(1) Changed LMS to use OSSL_PKEY_PARAM_PUB_KEY instead of
OSSL_PKEY_PARAM_ENCODED_PUBLIC_KEY for import/export.
(There is no reason to have the encoded form for verify operations).
(2) Fixed a bug for W=1 with truncated digests. The checksum was using
a value of 8-w, which was off by 1 for this case. A value was added to
the ots parameters that represents this value.
(3) A check in evp_test for a NID was removed since LMS does not have
OIDS (HSS does).
(4) the unused PROPERTIES param was removed from the LMS keymanager.

Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/27885)

crypto/lms/lm_ots_params.c		diff \| blob \| blame \| history
crypto/lms/lms_pubkey_decode.c		diff \| blob \| blame \| history
doc/man7/EVP_PKEY-LMS.pod		diff \| blob \| blame \| history
include/crypto/lms.h		diff \| blob \| blame \| history
providers/fips/self_test_kats.c		diff \| blob \| blame \| history
providers/implementations/keymgmt/lms_kmgmt.c		diff \| blob \| blame \| history
test/evp_test.c		diff \| blob \| blame \| history
test/lms_parse.py	[new file with mode: 0644]	blob
test/lms_test.c		diff \| blob \| blame \| history
test/recipes/30-test_evp.t		diff \| blob \| blame \| history
test/recipes/30-test_evp_data/evppkey_lms_sigver.txt	[new file with mode: 0644]	blob