From: Pauli <ppzgs1@gmail.com>
Date: Tue, 6 May 2025 01:33:34 +0000 (+1000)
Subject: slh-dsa: add security category support
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=3b9f957c790b1dc1261f61bdb419f9b792fd9b04;p=thirdparty%2Fopenssl.git

slh-dsa: add security category support

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/27571)
---

diff --git a/crypto/slh_dsa/slh_dsa_key.c b/crypto/slh_dsa/slh_dsa_key.c
index d71d55c2582..3462da2916c 100644
--- a/crypto/slh_dsa/slh_dsa_key.c
+++ b/crypto/slh_dsa/slh_dsa_key.c
@@ -425,6 +425,11 @@ size_t ossl_slh_dsa_key_get_n(const SLH_DSA_KEY *key)
     return key->params->n;
 }
 
+int ossl_slh_dsa_key_get_security_category(const SLH_DSA_KEY *key)
+{
+    return key->params->security_category;
+}
+
 size_t ossl_slh_dsa_key_get_sig_len(const SLH_DSA_KEY *key)
 {
     return key->params->sig_len;
diff --git a/include/crypto/slh_dsa.h b/include/crypto/slh_dsa.h
index cf1e21215f9..93e0b80fb68 100644
--- a/include/crypto/slh_dsa.h
+++ b/include/crypto/slh_dsa.h
@@ -46,6 +46,7 @@ __owur int ossl_slh_dsa_set_pub(SLH_DSA_KEY *key, const uint8_t *pub,
                                 size_t pub_len);
 __owur size_t ossl_slh_dsa_key_get_priv_len(const SLH_DSA_KEY *key);
 __owur size_t ossl_slh_dsa_key_get_n(const SLH_DSA_KEY *key);
+__owur int ossl_slh_dsa_key_get_security_category(const SLH_DSA_KEY *key);
 __owur size_t ossl_slh_dsa_key_get_sig_len(const SLH_DSA_KEY *key);
 __owur const char *ossl_slh_dsa_key_get_name(const SLH_DSA_KEY *key);
 __owur int ossl_slh_dsa_key_get_type(const SLH_DSA_KEY *key);
diff --git a/providers/implementations/keymgmt/slh_dsa_kmgmt.c b/providers/implementations/keymgmt/slh_dsa_kmgmt.c
index d3803424a6a..6afe0a07df3 100644
--- a/providers/implementations/keymgmt/slh_dsa_kmgmt.c
+++ b/providers/implementations/keymgmt/slh_dsa_kmgmt.c
@@ -135,6 +135,7 @@ static const OSSL_PARAM slh_dsa_params[] = {
     OSSL_PARAM_int(OSSL_PKEY_PARAM_BITS, NULL),
     OSSL_PARAM_int(OSSL_PKEY_PARAM_SECURITY_BITS, NULL),
     OSSL_PARAM_int(OSSL_PKEY_PARAM_MAX_SIZE, NULL),
+    OSSL_PARAM_int(OSSL_PKEY_PARAM_SECURITY_CATEGORY, NULL),
     OSSL_PARAM_utf8_string(OSSL_PKEY_PARAM_MANDATORY_DIGEST, NULL, 0),
     SLH_DSA_IMEXPORTABLE_PARAMETERS,
     OSSL_PARAM_END
@@ -183,6 +184,9 @@ static int slh_dsa_get_params(void *keydata, OSSL_PARAM params[])
     if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_MAX_SIZE)) != NULL
             && !OSSL_PARAM_set_int(p, ossl_slh_dsa_key_get_sig_len(key)))
         return 0;
+    if ((p = OSSL_PARAM_locate(params, OSSL_PKEY_PARAM_SECURITY_CATEGORY)) != NULL
+            && !OSSL_PARAM_set_int(p, ossl_slh_dsa_key_get_security_category(key)))
+        return 0;
 
     priv = ossl_slh_dsa_key_get_priv(key);
     if (priv != NULL) {