From: Matt Caswell Date: Thu, 6 Feb 2025 13:48:52 +0000 (+0000) Subject: Teach SSL_trace() about ML-DSA X-Git-Tag: openssl-3.5.0-alpha1~559 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=a0fc1ff3481375e710136bbd9a2c45cc8749875f;p=thirdparty%2Fopenssl.git Teach SSL_trace() about ML-DSA Ensure the ML-DSA based sigalgs are recognised by SSL_trace() Also ensure the test_ssl_trace test passes correctly. Reviewed-by: Tim Hudson Reviewed-by: Tomas Mraz Reviewed-by: Viktor Dukhovni (Merged from https://github.com/openssl/openssl/pull/26654)
---
diff --git a/ssl/t1_trce.c b/ssl/t1_trce.c
index 2d95f3ad3bf..8d6444c5050 100644
--- a/ssl/t1_trce.c
+++ b/ssl/t1_trce.c
@@ -600,7 +600,15 @@ static const ssl_trace_tbl ssl_sigalg_tbl[] = {
 {TLSEXT_SIGALG_gostr34102001_gostr3411, TLSEXT_SIGALG_gostr34102001_gostr3411_name},
 {TLSEXT_SIGALG_ecdsa_brainpoolP256r1_sha256, TLSEXT_SIGALG_ecdsa_brainpoolP256r1_sha256_name},
 {TLSEXT_SIGALG_ecdsa_brainpoolP384r1_sha384, TLSEXT_SIGALG_ecdsa_brainpoolP384r1_sha384_name},
- {TLSEXT_SIGALG_ecdsa_brainpoolP512r1_sha512, TLSEXT_SIGALG_ecdsa_brainpoolP512r1_sha512_name}
+ {TLSEXT_SIGALG_ecdsa_brainpoolP512r1_sha512, TLSEXT_SIGALG_ecdsa_brainpoolP512r1_sha512_name},
+ /*
+ * Well known groups that we happen to know about, but only come from
+ * provider capability declarations (hence no macros for the
+ * codepoints/names)
+ */
+ {0x0904, "mldsa44"},
+ {0x0905, "mldsa65"},
+ {0x0906, "mldsa87"}
 };

 static const ssl_trace_tbl ssl_ctype_tbl[] = {
diff --git a/test/quicapitest.c b/test/quicapitest.c
index 3edea5c90b7..d8d0650a1df 100644
--- a/test/quicapitest.c
+++ b/test/quicapitest.c
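Review bot: The comment added above the three ML-DSA entries in ssl_sigalg_tbl says "Well known groups", but this table maps signature-algorithm codepoints, so the wording reads as if it was copied from a groups table and will mislead the next reader; I would change its first line to `* Well known signature algorithms that we happen to know about, but only come from`. The codepoints 0x0904 to 0x0906 and their names are bare literals, and nothing visible in this hunk ties them to what the provider declares other than the reference traces updated in the same commit. If the provider's values ever change, SSL_trace() output would presumably stop naming these sigalgs correctly, which matters when traces are used to diagnose a handshake, so a short pointer in the comment to where the provider capability is declared would help keep the two in step. The table begins before the hunk.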
@@ -36,7 +36,8 @@ static int is_fips = 0;
 /* The ssltrace test assumes some options are switched on/off */
 #if !defined(OPENSSL_NO_SSL_TRACE) \
 && defined(OPENSSL_NO_BROTLI) && defined(OPENSSL_NO_ZSTD) \
- && !defined(OPENSSL_NO_ECX) && !defined(OPENSSL_NO_DH)
+ && !defined(OPENSSL_NO_ECX) && !defined(OPENSSL_NO_DH) \
+ && !defined(OPENSSL_NO_ML_DSA)
 # define DO_SSL_TRACE_TEST
 #endif

diff --git a/test/recipes/75-test_quicapi_data/ssltraceref-zlib.txt b/test/recipes/75-test_quicapi_data/ssltraceref-zlib.txt
index 3e41f3cfec4..6249195ee36 100644
--- a/test/recipes/75-test_quicapi_data/ssltraceref-zlib.txt
+++ b/test/recipes/75-test_quicapi_data/ssltraceref-zlib.txt
@@ -2,8 +2,8 @@ Sent TLS Record Header: Version = TLS 1.0 (0x301) Content Type = Handshake (22) - Length = 263 - ClientHello, Length=259 + Length = 269 + ClientHello, Length=265 client_version=0x303 (TLS 1.2) Random: gmt_unix_time=0x????????
@@ -13,7 +13,7 @@ Header: {0x13, 0x01} TLS_AES_128_GCM_SHA256 compression_methods (len=1) No Compression (0x00) - extensions, length = 216 + extensions, length = 222 extension_type=UNKNOWN(57), length=49 0000 - 0c 00 0f 00 01 04 80 00-75 30 03 02 44 b0 0e ........u0..D.. 000f - 01 02 04 04 80 0c 00 00-05 04 80 08 00 00 06 ...............
@@ -39,7 +39,7 @@ Header: ossltest extension_type=encrypt_then_mac(22), length=0 extension_type=extended_master_secret(23), length=0 - extension_type=signature_algorithms(13), length=36 + extension_type=signature_algorithms(13), length=42 ecdsa_secp256r1_sha256 (0x0403) ecdsa_secp384r1_sha384 (0x0503) ecdsa_secp521r1_sha512 (0x0603)
@@ -57,6 +57,9 @@ Header: rsa_pkcs1_sha256 (0x0401) rsa_pkcs1_sha384 (0x0501) rsa_pkcs1_sha512 (0x0601) + mldsa44 (0x0904) + mldsa65 (0x0905) + mldsa87 (0x0906) extension_type=supported_versions(43), length=3 TLS 1.3 (772) extension_type=psk_key_exchange_modes(45), length=2
@@ -69,7 +72,7 @@ Header: Sent Frame: Crypto Offset: 0 - Len: 263 + Len: 269 Sent Frame: Padding Sent Packet Packet Type: Initial
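Review bot: Adding `&& !defined(OPENSSL_NO_ML_DSA)` to the DO_SSL_TRACE_TEST guard in test/quicapitest.c means a no-ml-dsa build no longer defines the macro, so the ssltrace comparison presumably does not run at all in that configuration (the code that uses the macro is outside the hunk). The existing comment only says that "some options" are assumed, so the reason for each term of the condition is not recorded; I would extend it with something like `/* ML-DSA must be enabled: its sigalgs appear in the ClientHello and in the reference traces */`. If trace coverage for no-ml-dsa builds matters, a second reference file selected by the same macro would keep the test running there instead of silently dropping it.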
diff --git a/test/recipes/75-test_quicapi_data/ssltraceref.txt b/test/recipes/75-test_quicapi_data/ssltraceref.txt
index 2ebfb93b3cf..177677d64dc 100644
--- a/test/recipes/75-test_quicapi_data/ssltraceref.txt
+++ b/test/recipes/75-test_quicapi_data/ssltraceref.txt
@@ -2,8 +2,8 @@ Sent TLS Record Header: Version = TLS 1.0 (0x301) Content Type = Handshake (22) - Length = 256 - ClientHello, Length=252 + Length = 262 + ClientHello, Length=258 client_version=0x303 (TLS 1.2) Random: gmt_unix_time=0x????????
@@ -13,7 +13,7 @@ Header: {0x13, 0x01} TLS_AES_128_GCM_SHA256 compression_methods (len=1) No Compression (0x00) - extensions, length = 209 + extensions, length = 215 extension_type=UNKNOWN(57), length=49 0000 - 0c 00 0f 00 01 04 80 00-75 30 03 02 44 b0 0e ........u0..D.. 000f - 01 02 04 04 80 0c 00 00-05 04 80 08 00 00 06 ...............
@@ -39,7 +39,7 @@ Header: ossltest extension_type=encrypt_then_mac(22), length=0 extension_type=extended_master_secret(23), length=0 - extension_type=signature_algorithms(13), length=36 + extension_type=signature_algorithms(13), length=42 ecdsa_secp256r1_sha256 (0x0403) ecdsa_secp384r1_sha384 (0x0503) ecdsa_secp521r1_sha512 (0x0603)
@@ -57,6 +57,9 @@ Header: rsa_pkcs1_sha256 (0x0401) rsa_pkcs1_sha384 (0x0501) rsa_pkcs1_sha512 (0x0601) + mldsa44 (0x0904) + mldsa65 (0x0905) + mldsa87 (0x0906) extension_type=supported_versions(43), length=3 TLS 1.3 (772) extension_type=psk_key_exchange_modes(45), length=2
@@ -67,7 +70,7 @@ Header: Sent Frame: Crypto Offset: 0 - Len: 256 + Len: 262 Sent Frame: Padding Sent Packet Packet Type: Initial