- Added sigid_algs for ML_DSA such that OBJ_find_sigid_algs() works.
- OBJ_sn2nid() was also being called, so the SN form of ML_DSA
algorithms needed to be added to the provider dispatch tables.
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
Reviewed-by: Paul Dale <ppzgs1@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/26636)
{NID_RSA_SHA3_384, NID_sha3_384, NID_rsaEncryption},
{NID_RSA_SHA3_512, NID_sha3_512, NID_rsaEncryption},
{NID_SM2_with_SM3, NID_sm3, NID_sm2},
+ {NID_ML_DSA_44, NID_undef, NID_ML_DSA_44},
+ {NID_ML_DSA_65, NID_undef, NID_ML_DSA_65},
+ {NID_ML_DSA_87, NID_undef, NID_ML_DSA_87},
};
static const nid_triple *const sigoid_srt_xref[] = {
rsassaPss undef rsassaPss
ED25519 undef ED25519
ED448 undef ED448
+ML_DSA_44 undef ML_DSA_44
+ML_DSA_65 undef ML_DSA_65
+ML_DSA_87 undef ML_DSA_87
# Alternative deprecated OIDs. By using the older "rsa" OID this
# type will be recognized by not normally used.
#define PROV_DESCS_RSA_PSS "OpenSSL RSA-PSS implementation"
#define PROV_NAMES_SM2 "SM2:1.2.156.10197.1.301"
#define PROV_DESCS_SM2 "OpenSSL SM2 implementation"
-#define PROV_NAMES_ML_DSA_44 "ML-DSA-44:2.16.840.1.101.3.4.3.17"
+#define PROV_NAMES_ML_DSA_44 "ML-DSA-44:2.16.840.1.101.3.4.3.17:id-ml-dsa-44"
#define PROV_DESCS_ML_DSA_44 "OpenSSL ML-DSA-44 implementation"
-#define PROV_NAMES_ML_DSA_65 "ML-DSA-65:2.16.840.1.101.3.4.3.18"
+#define PROV_NAMES_ML_DSA_65 "ML-DSA-65:2.16.840.1.101.3.4.3.18:id-ml-dsa-65"
#define PROV_DESCS_ML_DSA_65 "OpenSSL ML-DSA-65 implementation"
-#define PROV_NAMES_ML_DSA_87 "ML-DSA-87:2.16.840.1.101.3.4.3.19"
+#define PROV_NAMES_ML_DSA_87 "ML-DSA-87:2.16.840.1.101.3.4.3.19:id-ml-dsa-87"
#define PROV_DESCS_ML_DSA_87 "OpenSSL ML-DSA-87 implementation"
};
subtest "generating certificate requests with ML-DSA" => sub {
- plan tests => 3;
+ plan tests => 5;
SKIP: {
- skip "ML-DSA is not supported by this OpenSSL build", 3
+ skip "ML-DSA is not supported by this OpenSSL build", 5
if disabled("ml-dsa");
ok(run(app(["openssl", "req",
"-subj", "/CN=test-self-signed",
"-addext","keyUsage=digitalSignature"])),
"Generating self signed ML-DSA-87 cert and private key");
+ ok(run(app(["openssl", "req",
+ "-config", srctop_file("test", "test.cnf"),
+ "-new",
+ "-sigopt","hextest-entropy:000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
+ "-out", "csr_ml_dsa_87.pem",
+ "-newkey", "ML-DSA-87",
+ "-passout", "pass:x"])),
+ "Generating ML-DSA-87 csr");
+ ok(run(app(["openssl", "req",
+ "-config", srctop_file("test", "test.cnf"),
+ "-in", "csr_ml_dsa_87.pem"])),
+ "verifying ML-DSA-87 csr");
}
};
projects / thirdparty / openssl.git / commitdiff
