ml-dsa: add to FIPS provider

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26548)

diff --git a/crypto/ml_dsa/build.info b/crypto/ml_dsa/build.info
index c83c20cc7f8d095ee7ce1584294752927012b664..eb6a16dec69c1a8de77fcf53e89e922117fa955a 100644 (file)
--- a/crypto/ml_dsa/build.info
+++ b/crypto/ml_dsa/build.info
@@ -6,4 +6,5 @@ $COMMON=ml_dsa_encoders.c ml_dsa_key_compress.c ml_dsa_key.c \
 
 IF[{- !$disabled{'ml_dsa'} -}]
   SOURCE[../../libcrypto]=$COMMON
+  SOURCE[../../providers/libfips.a]=$COMMON
 ENDIF

diff --git a/providers/fips/fipsprov.c b/providers/fips/fipsprov.c
index 58a14a9102ef6f7be10914fa8fcfb1fe46576646..19771eddc28ecb8e99df45d75f25af2a4482bcbd 100644 (file)
--- a/providers/fips/fipsprov.c
+++ b/providers/fips/fipsprov.c
@@ -542,6 +542,14 @@ static const OSSL_ALGORITHM fips_keymgmt[] = {
       PROV_DESCS_ED448 },
 # endif
 #endif
+#ifndef OPENSSL_NO_ML_DSA
+    { PROV_NAMES_ML_DSA_44, FIPS_DEFAULT_PROPERTIES, ossl_ml_dsa_44_keymgmt_functions,
+      PROV_DESCS_ML_DSA_44 },
+    { PROV_NAMES_ML_DSA_65, FIPS_DEFAULT_PROPERTIES, ossl_ml_dsa_65_keymgmt_functions,
+      PROV_DESCS_ML_DSA_65 },
+    { PROV_NAMES_ML_DSA_87, FIPS_DEFAULT_PROPERTIES, ossl_ml_dsa_87_keymgmt_functions,
+      PROV_DESCS_ML_DSA_87 },
+#endif /* OPENSSL_NO_ML_DSA */
     { PROV_NAMES_TLS1_PRF, FIPS_DEFAULT_PROPERTIES, ossl_kdf_keymgmt_functions,
       PROV_DESCS_TLS1_PRF_SIGN },
     { PROV_NAMES_HKDF, FIPS_DEFAULT_PROPERTIES, ossl_kdf_keymgmt_functions,