From e8457ce07737c53bbc8d5f0abd81b687f12cceaf Mon Sep 17 00:00:00 2001 From: slontis Date: Thu, 7 Nov 2024 14:59:45 +1100 Subject: [PATCH] Add support for all 12 SLH-DSA parameter sets. Reviewed-by: Paul Dale Reviewed-by: Viktor Dukhovni Reviewed-by: Tim Hudson (Merged from https://github.com/openssl/openssl/pull/25882) --- crypto/slh_dsa/slh_adrs.c | 77 +++++- crypto/slh_dsa/slh_hash.c | 103 +++++++- crypto/slh_dsa/slh_params.c | 16 ++ providers/defltprov.c | 44 ++++ .../include/prov/implementations.h | 22 ++ .../implementations/include/prov/names.h | 22 ++ .../implementations/keymgmt/slh_dsa_kmgmt.c | 11 + .../implementations/signature/slh_dsa_sig.c | 11 + test/slh_dsa.inc | 249 ++++++++++++++++-- test/slh_dsa_test.c | 49 ++-- 10 files changed, 559 insertions(+), 45 deletions(-) diff --git a/crypto/slh_dsa/slh_adrs.c b/crypto/slh_dsa/slh_adrs.c index 29b0882746f..3292d3928bf 100644 --- a/crypto/slh_dsa/slh_adrs.c +++ b/crypto/slh_dsa/slh_adrs.c @@ -34,9 +34,22 @@ #define SLH_ADRSC_SIZE_TYPECLEAR SLH_ADRS_SIZE_TYPECLEAR #define SLH_ADRSC_SIZE_KEYPAIR_ADDR SLH_ADRS_SIZE_KEYPAIR_ADDR +#define slh_adrs_set_tree_height slh_adrs_set_chain_address +#define slh_adrs_set_tree_index slh_adrs_set_hash_address + #define slh_adrsc_set_tree_height slh_adrsc_set_chain_address #define slh_adrsc_set_tree_index slh_adrsc_set_hash_address +static OSSL_SLH_ADRS_FUNC_set_layer_address slh_adrs_set_layer_address; +static OSSL_SLH_ADRS_FUNC_set_tree_address slh_adrs_set_tree_address; +static OSSL_SLH_ADRS_FUNC_set_type_and_clear slh_adrs_set_type_and_clear; +static OSSL_SLH_ADRS_FUNC_set_keypair_address slh_adrs_set_keypair_address; +static OSSL_SLH_ADRS_FUNC_copy_keypair_address slh_adrs_copy_keypair_address; +static OSSL_SLH_ADRS_FUNC_set_chain_address slh_adrs_set_chain_address; +static OSSL_SLH_ADRS_FUNC_set_hash_address slh_adrs_set_hash_address; +static OSSL_SLH_ADRS_FUNC_zero slh_adrs_zero; +static OSSL_SLH_ADRS_FUNC_copy slh_adrs_copy; + static OSSL_SLH_ADRS_FUNC_set_layer_address slh_adrsc_set_layer_address; static OSSL_SLH_ADRS_FUNC_set_tree_address slh_adrsc_set_tree_address; static OSSL_SLH_ADRS_FUNC_set_type_and_clear slh_adrsc_set_type_and_clear; @@ -71,6 +84,55 @@ static ossl_inline void U64TOSTR(unsigned char *out, uint64_t in) out[0] = (unsigned char)((in >> 56) & 0xff); } +/* + * The non compressed versions of the ADRS functions use 32 bytes + * This is only used by SHAKE. + */ +static void slh_adrs_set_layer_address(SLH_ADRS adrs, uint32_t layer) +{ + U32TOSTR(adrs + SLH_ADRS_OFF_LAYER_ADR, layer); +} +static void slh_adrs_set_tree_address(SLH_ADRS adrs, uint64_t address) +{ + /* + * There are 12 bytes reserved for this - but the largest number + * used by the parameter sets is only 64 bits. Because this is BE the + * first 4 of the 12 bytes will be zeros. This assumes that the 4 bytes + * are zero initially. + */ + U64TOSTR(adrs + SLH_ADRS_OFF_TREE_ADR + 4, address); +} +static void slh_adrs_set_type_and_clear(SLH_ADRS adrs, uint32_t type) +{ + U32TOSTR(adrs + SLH_ADRS_OFF_TYPE, type); + memset(adrs + SLH_ADRS_OFF_TYPE + SLH_ADRS_SIZE_TYPE, 0, SLH_ADRS_SIZE_TYPECLEAR); +} +static void slh_adrs_set_keypair_address(SLH_ADRS adrs, uint32_t in) +{ + U32TOSTR(adrs + SLH_ADRS_OFF_KEYPAIR_ADDR, in); +} +static void slh_adrs_copy_keypair_address(SLH_ADRS dst, const SLH_ADRS src) +{ + memcpy(dst + SLH_ADRS_OFF_KEYPAIR_ADDR, src + SLH_ADRS_OFF_KEYPAIR_ADDR, + SLH_ADRS_SIZE_KEYPAIR_ADDR); +} +static void slh_adrs_set_chain_address(SLH_ADRS adrs, uint32_t in) +{ + U32TOSTR(adrs + SLH_ADRS_OFF_CHAIN_ADDR, in); +} +static void slh_adrs_set_hash_address(SLH_ADRS adrs, uint32_t in) +{ + U32TOSTR(adrs + SLH_ADRS_OFF_HASH_ADDR, in); +} +static void slh_adrs_zero(SLH_ADRS adrs) +{ + memset(adrs, 0, SLH_ADRS_SIZE); +} +static void slh_adrs_copy(SLH_ADRS dst, const SLH_ADRS src) +{ + memcpy(dst, src, SLH_ADRS_SIZE); +} + /* Compressed versions of ADRS functions See Table 3 */ static void slh_adrsc_set_layer_address(SLH_ADRS adrsc, uint32_t layer) { @@ -114,6 +176,19 @@ static void slh_adrsc_copy(SLH_ADRS dst, const SLH_ADRS src) const SLH_ADRS_FUNC *ossl_slh_get_adrs_fn(int is_compressed) { static const SLH_ADRS_FUNC methods[] = { + { + slh_adrs_set_layer_address, + slh_adrs_set_tree_address, + slh_adrs_set_type_and_clear, + slh_adrs_set_keypair_address, + slh_adrs_copy_keypair_address, + slh_adrs_set_chain_address, + slh_adrs_set_tree_height, + slh_adrs_set_hash_address, + slh_adrs_set_tree_index, + slh_adrs_zero, + slh_adrs_copy, + }, { slh_adrsc_set_layer_address, slh_adrsc_set_tree_address, @@ -128,5 +203,5 @@ const SLH_ADRS_FUNC *ossl_slh_get_adrs_fn(int is_compressed) slh_adrsc_copy, } }; - return &methods[0]; + return &methods[is_compressed == 0 ? 0 : 1]; } diff --git a/crypto/slh_dsa/slh_hash.c b/crypto/slh_dsa/slh_hash.c index dab5218c31f..d0f2d29da4b 100644 --- a/crypto/slh_dsa/slh_hash.c +++ b/crypto/slh_dsa/slh_hash.c @@ -32,6 +32,13 @@ static OSSL_SLH_HASHFUNC_F slh_f_sha2; static OSSL_SLH_HASHFUNC_H slh_h_sha2; static OSSL_SLH_HASHFUNC_T slh_t_sha2; +static OSSL_SLH_HASHFUNC_H_MSG slh_hmsg_shake; +static OSSL_SLH_HASHFUNC_PRF slh_prf_shake; +static OSSL_SLH_HASHFUNC_PRF_MSG slh_prf_msg_shake; +static OSSL_SLH_HASHFUNC_F slh_f_shake; +static OSSL_SLH_HASHFUNC_H slh_h_shake; +static OSSL_SLH_HASHFUNC_T slh_t_shake; + static EVP_MAC_CTX *hmac_ctx_new(OSSL_LIB_CTX *lib_ctx, const char *propq) { EVP_MAC_CTX *mctx = NULL; @@ -121,6 +128,92 @@ void ossl_slh_hash_ctx_cleanup(SLH_HASH_CTX *ctx) EVP_MD_CTX_free(ctx->md_ctx); } +static ossl_inline int xof_digest_3(EVP_MD_CTX *ctx, + const uint8_t *in1, size_t in1_len, + const uint8_t *in2, size_t in2_len, + const uint8_t *in3, size_t in3_len, + uint8_t *out, size_t out_len) +{ + return (EVP_DigestInit_ex2(ctx, NULL, NULL) == 1 + && EVP_DigestUpdate(ctx, in1, in1_len) == 1 + && EVP_DigestUpdate(ctx, in2, in2_len) == 1 + && EVP_DigestUpdate(ctx, in3, in3_len) == 1 + && EVP_DigestFinalXOF(ctx, out, out_len) == 1); +} + +static ossl_inline int xof_digest_4(EVP_MD_CTX *ctx, + const uint8_t *in1, size_t in1_len, + const uint8_t *in2, size_t in2_len, + const uint8_t *in3, size_t in3_len, + const uint8_t *in4, size_t in4_len, + uint8_t *out, size_t out_len) +{ + return (EVP_DigestInit_ex2(ctx, NULL, NULL) == 1 + && EVP_DigestUpdate(ctx, in1, in1_len) == 1 + && EVP_DigestUpdate(ctx, in2, in2_len) == 1 + && EVP_DigestUpdate(ctx, in3, in3_len) == 1 + && EVP_DigestUpdate(ctx, in4, in4_len) == 1 + && EVP_DigestFinalXOF(ctx, out, out_len) == 1); +} + +/* See FIPS 205 Section 11.1 */ +static void +slh_hmsg_shake(SLH_HASH_CTX *hctx, const uint8_t *r, const uint8_t *pk_seed, + const uint8_t *pk_root, const uint8_t *msg, size_t msg_len, + uint8_t *out) +{ + size_t m = hctx->m; + size_t n = hctx->n; + + xof_digest_4(hctx->md_ctx, r, n, pk_seed, n, pk_root, n, msg, msg_len, out, m); +} + +static void +slh_prf_shake(SLH_HASH_CTX *hctx, const uint8_t *pk_seed, const uint8_t *sk_seed, + const SLH_ADRS adrs, uint8_t *out) +{ + size_t n = hctx->n; + + xof_digest_3(hctx->md_ctx, pk_seed, n, adrs, SLH_ADRS_SIZE, sk_seed, n, out, n); +} + +static void +slh_prf_msg_shake(SLH_HASH_CTX *hctx, const uint8_t *sk_prf, + const uint8_t *opt_rand, const uint8_t *msg, size_t msg_len, + uint8_t *out) +{ + size_t n = hctx->n; + + xof_digest_3(hctx->md_ctx, sk_prf, n, opt_rand, n, msg, msg_len, out, n); +} + +static void +slh_f_shake(SLH_HASH_CTX *hctx, const uint8_t *pk_seed, const SLH_ADRS adrs, + const uint8_t *m1, size_t m1_len, uint8_t *out) +{ + size_t n = hctx->n; + + xof_digest_3(hctx->md_ctx, pk_seed, n, adrs, SLH_ADRS_SIZE, m1, m1_len, out, n); +} + +static void +slh_h_shake(SLH_HASH_CTX *hctx, const uint8_t *pk_seed, const SLH_ADRS adrs, + const uint8_t *m1, const uint8_t *m2, uint8_t *out) +{ + size_t n = hctx->n; + + xof_digest_4(hctx->md_ctx, pk_seed, n, adrs, SLH_ADRS_SIZE, m1, n, m2, n, out, n); +} + +static void +slh_t_shake(SLH_HASH_CTX *hctx, const uint8_t *pk_seed, const SLH_ADRS adrs, + const uint8_t *ml, size_t ml_len, uint8_t *out) +{ + size_t n = hctx->n; + + xof_digest_3(hctx->md_ctx, pk_seed, n, adrs, SLH_ADRS_SIZE, ml, ml_len, out, n); +} + static ossl_inline int digest_4(EVP_MD_CTX *ctx, const uint8_t *in1, size_t in1_len, const uint8_t *in2, size_t in2_len, @@ -249,6 +342,14 @@ slh_t_sha2(SLH_HASH_CTX *hctx, const uint8_t *pk_seed, const SLH_ADRS adrs, const SLH_HASH_FUNC *ossl_slh_get_hash_fn(int is_shake) { static const SLH_HASH_FUNC methods[] = { + { + slh_hmsg_shake, + slh_prf_shake, + slh_prf_msg_shake, + slh_f_shake, + slh_h_shake, + slh_t_shake + }, { slh_hmsg_sha2, slh_prf_sha2, @@ -258,5 +359,5 @@ const SLH_HASH_FUNC *ossl_slh_get_hash_fn(int is_shake) slh_t_sha2 } }; - return &methods[0]; + return &methods[is_shake ? 0 : 1]; } diff --git a/crypto/slh_dsa/slh_params.c b/crypto/slh_dsa/slh_params.c index 5034f8547cf..39d9e5fb194 100644 --- a/crypto/slh_dsa/slh_params.c +++ b/crypto/slh_dsa/slh_params.c @@ -15,9 +15,25 @@ * n h d hm a k m sc pk sig */ #define OSSL_SLH_DSA_128S 16, 63, 7, 9, 12, 14, 30, 1, 32, 7856 +#define OSSL_SLH_DSA_128F 16, 66, 22, 3, 6, 33, 34, 1, 32, 17088 +#define OSSL_SLH_DSA_192S 24, 63, 7, 9, 14, 17, 39, 3, 48, 16224 +#define OSSL_SLH_DSA_192F 24, 66, 22, 3, 8, 33, 42, 3, 48, 35664 +#define OSSL_SLH_DSA_256S 32, 64, 8, 8, 14, 22, 47, 5, 64, 29792 +#define OSSL_SLH_DSA_256F 32, 68, 17, 4, 9, 35, 49, 5, 64, 49856 static const SLH_DSA_PARAMS slh_dsa_params[] = { {"SLH-DSA-SHA2-128s", 0, OSSL_SLH_DSA_128S}, + {"SLH-DSA-SHAKE-128s", 1, OSSL_SLH_DSA_128S}, + {"SLH-DSA-SHA2-128f", 0, OSSL_SLH_DSA_128F}, + {"SLH-DSA-SHAKE-128f", 1, OSSL_SLH_DSA_128F}, + {"SLH-DSA-SHA2-192s", 0, OSSL_SLH_DSA_192S}, + {"SLH-DSA-SHAKE-192s", 1, OSSL_SLH_DSA_192S}, + {"SLH-DSA-SHA2-192f", 0, OSSL_SLH_DSA_192F}, + {"SLH-DSA-SHAKE-192f", 1, OSSL_SLH_DSA_192F}, + {"SLH-DSA-SHA2-256s", 0, OSSL_SLH_DSA_256S}, + {"SLH-DSA-SHAKE-256s", 1, OSSL_SLH_DSA_256S}, + {"SLH-DSA-SHA2-256f", 0, OSSL_SLH_DSA_256F}, + {"SLH-DSA-SHAKE-256f", 1, OSSL_SLH_DSA_256F}, {NULL}, }; diff --git a/providers/defltprov.c b/providers/defltprov.c index 9924a01131f..81cdf21c825 100644 --- a/providers/defltprov.c +++ b/providers/defltprov.c @@ -465,6 +465,28 @@ static const OSSL_ALGORITHM deflt_signature[] = { #ifndef OPENSSL_NO_SLH_DSA { PROV_NAMES_SLH_DSA_SHA2_128S, "provider=default", ossl_slh_dsa_sha2_128s_signature_functions, PROV_DESCS_SLH_DSA_SHA2_128S }, + { PROV_NAMES_SLH_DSA_SHA2_128F, "provider=default", ossl_slh_dsa_sha2_128f_signature_functions, + PROV_DESCS_SLH_DSA_SHA2_128F }, + { PROV_NAMES_SLH_DSA_SHA2_192S, "provider=default", ossl_slh_dsa_sha2_192s_signature_functions, + PROV_DESCS_SLH_DSA_SHA2_192S }, + { PROV_NAMES_SLH_DSA_SHA2_192F, "provider=default", ossl_slh_dsa_sha2_192f_signature_functions, + PROV_DESCS_SLH_DSA_SHA2_192F }, + { PROV_NAMES_SLH_DSA_SHA2_256S, "provider=default", ossl_slh_dsa_sha2_256s_signature_functions, + PROV_DESCS_SLH_DSA_SHA2_256S }, + { PROV_NAMES_SLH_DSA_SHA2_256F, "provider=default", ossl_slh_dsa_sha2_256f_signature_functions, + PROV_DESCS_SLH_DSA_SHA2_256F }, + { PROV_NAMES_SLH_DSA_SHAKE_128S, "provider=default", ossl_slh_dsa_shake_128s_signature_functions, + PROV_DESCS_SLH_DSA_SHAKE_128S }, + { PROV_NAMES_SLH_DSA_SHAKE_128F, "provider=default", ossl_slh_dsa_shake_128f_signature_functions, + PROV_DESCS_SLH_DSA_SHAKE_128F }, + { PROV_NAMES_SLH_DSA_SHAKE_192S, "provider=default", ossl_slh_dsa_shake_192s_signature_functions, + PROV_DESCS_SLH_DSA_SHAKE_192S }, + { PROV_NAMES_SLH_DSA_SHAKE_192F, "provider=default", ossl_slh_dsa_shake_192f_signature_functions, + PROV_DESCS_SLH_DSA_SHAKE_192F }, + { PROV_NAMES_SLH_DSA_SHAKE_256S, "provider=default", ossl_slh_dsa_shake_256s_signature_functions, + PROV_DESCS_SLH_DSA_SHAKE_256S }, + { PROV_NAMES_SLH_DSA_SHAKE_256F, "provider=default", ossl_slh_dsa_shake_256f_signature_functions, + PROV_DESCS_SLH_DSA_SHAKE_256F }, #endif /* OPENSSL_NO_SLH_DSA */ { NULL, NULL, NULL } }; @@ -584,6 +606,28 @@ static const OSSL_ALGORITHM deflt_keymgmt[] = { #ifndef OPENSSL_NO_SLH_DSA { PROV_NAMES_SLH_DSA_SHA2_128S, "provider=default", ossl_slh_dsa_sha2_128s_keymgmt_functions, PROV_DESCS_SLH_DSA_SHA2_128S }, + { PROV_NAMES_SLH_DSA_SHA2_128F, "provider=default", ossl_slh_dsa_sha2_128f_keymgmt_functions, + PROV_DESCS_SLH_DSA_SHA2_128F }, + { PROV_NAMES_SLH_DSA_SHA2_192S, "provider=default", ossl_slh_dsa_sha2_192s_keymgmt_functions, + PROV_DESCS_SLH_DSA_SHA2_192S }, + { PROV_NAMES_SLH_DSA_SHA2_192F, "provider=default", ossl_slh_dsa_sha2_192f_keymgmt_functions, + PROV_DESCS_SLH_DSA_SHA2_192F }, + { PROV_NAMES_SLH_DSA_SHA2_256S, "provider=default", ossl_slh_dsa_sha2_256s_keymgmt_functions, + PROV_DESCS_SLH_DSA_SHA2_256S }, + { PROV_NAMES_SLH_DSA_SHA2_256F, "provider=default", ossl_slh_dsa_sha2_256f_keymgmt_functions, + PROV_DESCS_SLH_DSA_SHA2_256F }, + { PROV_NAMES_SLH_DSA_SHAKE_128S, "provider=default", ossl_slh_dsa_shake_128s_keymgmt_functions, + PROV_DESCS_SLH_DSA_SHAKE_128S }, + { PROV_NAMES_SLH_DSA_SHAKE_128F, "provider=default", ossl_slh_dsa_shake_128f_keymgmt_functions, + PROV_DESCS_SLH_DSA_SHAKE_128F }, + { PROV_NAMES_SLH_DSA_SHAKE_192S, "provider=default", ossl_slh_dsa_shake_192s_keymgmt_functions, + PROV_DESCS_SLH_DSA_SHAKE_192S }, + { PROV_NAMES_SLH_DSA_SHAKE_192F, "provider=default", ossl_slh_dsa_shake_192f_keymgmt_functions, + PROV_DESCS_SLH_DSA_SHAKE_192F }, + { PROV_NAMES_SLH_DSA_SHAKE_256S, "provider=default", ossl_slh_dsa_shake_256s_keymgmt_functions, + PROV_DESCS_SLH_DSA_SHAKE_256S }, + { PROV_NAMES_SLH_DSA_SHAKE_256F, "provider=default", ossl_slh_dsa_shake_256f_keymgmt_functions, + PROV_DESCS_SLH_DSA_SHAKE_256F }, #endif /* OPENSSL_NO_SLH_DSA */ { NULL, NULL, NULL } }; diff --git a/providers/implementations/include/prov/implementations.h b/providers/implementations/include/prov/implementations.h index e73fee2c8fb..b0281e5686b 100644 --- a/providers/implementations/include/prov/implementations.h +++ b/providers/implementations/include/prov/implementations.h @@ -341,6 +341,17 @@ extern const OSSL_DISPATCH ossl_mlx_p384_kem_kmgmt_functions[]; #endif #ifndef OPENSSL_NO_SLH_DSA extern const OSSL_DISPATCH ossl_slh_dsa_sha2_128s_keymgmt_functions[]; +extern const OSSL_DISPATCH ossl_slh_dsa_sha2_128f_keymgmt_functions[]; +extern const OSSL_DISPATCH ossl_slh_dsa_sha2_192s_keymgmt_functions[]; +extern const OSSL_DISPATCH ossl_slh_dsa_sha2_192f_keymgmt_functions[]; +extern const OSSL_DISPATCH ossl_slh_dsa_sha2_256s_keymgmt_functions[]; +extern const OSSL_DISPATCH ossl_slh_dsa_sha2_256f_keymgmt_functions[]; +extern const OSSL_DISPATCH ossl_slh_dsa_shake_128s_keymgmt_functions[]; +extern const OSSL_DISPATCH ossl_slh_dsa_shake_128f_keymgmt_functions[]; +extern const OSSL_DISPATCH ossl_slh_dsa_shake_192s_keymgmt_functions[]; +extern const OSSL_DISPATCH ossl_slh_dsa_shake_192f_keymgmt_functions[]; +extern const OSSL_DISPATCH ossl_slh_dsa_shake_256s_keymgmt_functions[]; +extern const OSSL_DISPATCH ossl_slh_dsa_shake_256f_keymgmt_functions[]; #endif /* OPENSSL_NO_SLH_DSA */ /* Key Exchange */ @@ -413,6 +424,17 @@ extern const OSSL_DISPATCH ossl_ml_dsa_65_signature_functions[]; extern const OSSL_DISPATCH ossl_ml_dsa_87_signature_functions[]; #ifndef OPENSSL_NO_SLH_DSA extern const OSSL_DISPATCH ossl_slh_dsa_sha2_128s_signature_functions[]; +extern const OSSL_DISPATCH ossl_slh_dsa_sha2_128f_signature_functions[]; +extern const OSSL_DISPATCH ossl_slh_dsa_sha2_192s_signature_functions[]; +extern const OSSL_DISPATCH ossl_slh_dsa_sha2_192f_signature_functions[]; +extern const OSSL_DISPATCH ossl_slh_dsa_sha2_256s_signature_functions[]; +extern const OSSL_DISPATCH ossl_slh_dsa_sha2_256f_signature_functions[]; +extern const OSSL_DISPATCH ossl_slh_dsa_shake_128s_signature_functions[]; +extern const OSSL_DISPATCH ossl_slh_dsa_shake_128f_signature_functions[]; +extern const OSSL_DISPATCH ossl_slh_dsa_shake_192s_signature_functions[]; +extern const OSSL_DISPATCH ossl_slh_dsa_shake_192f_signature_functions[]; +extern const OSSL_DISPATCH ossl_slh_dsa_shake_256s_signature_functions[]; +extern const OSSL_DISPATCH ossl_slh_dsa_shake_256f_signature_functions[]; #endif /* OPENSSL_NO_SLH_DSA */ /* Asym Cipher */ diff --git a/providers/implementations/include/prov/names.h b/providers/implementations/include/prov/names.h index 6ff25497f8a..1004d926415 100644 --- a/providers/implementations/include/prov/names.h +++ b/providers/implementations/include/prov/names.h @@ -410,4 +410,26 @@ #define PROV_NAMES_SecP384r1MLKEM1024 "SecP384r1MLKEM1024" #define PROV_DESCS_SecP384r1MLKEM1024 "P-384+ML-KEM-1024 TLS hybrid implementation" #define PROV_NAMES_SLH_DSA_SHA2_128S "SLH-DSA-SHA2-128s:2.16.840.1.101.3.4.3.20" +#define PROV_NAMES_SLH_DSA_SHA2_128F "SLH-DSA-SHA2-128f:2.16.840.1.101.3.4.3.21" +#define PROV_NAMES_SLH_DSA_SHA2_192S "SLH-DSA-SHA2-192s:2.16.840.1.101.3.4.3.22" +#define PROV_NAMES_SLH_DSA_SHA2_192F "SLH-DSA-SHA2-192f:2.16.840.1.101.3.4.3.23" +#define PROV_NAMES_SLH_DSA_SHA2_256S "SLH-DSA-SHA2-256s:2.16.840.1.101.3.4.3.24" +#define PROV_NAMES_SLH_DSA_SHA2_256F "SLH-DSA-SHA2-256f:2.16.840.1.101.3.4.3.25" +#define PROV_NAMES_SLH_DSA_SHAKE_128S "SLH-DSA-SHAKE-128s:2.16.840.1.101.3.4.3.26" +#define PROV_NAMES_SLH_DSA_SHAKE_128F "SLH-DSA-SHAKE-128f:2.16.840.1.101.3.4.3.27" +#define PROV_NAMES_SLH_DSA_SHAKE_192S "SLH-DSA-SHAKE-192s:2.16.840.1.101.3.4.3.28" +#define PROV_NAMES_SLH_DSA_SHAKE_192F "SLH-DSA-SHAKE-192f:2.16.840.1.101.3.4.3.29" +#define PROV_NAMES_SLH_DSA_SHAKE_256S "SLH-DSA-SHAKE-256s:2.16.840.1.101.3.4.3.30" +#define PROV_NAMES_SLH_DSA_SHAKE_256F "SLH-DSA-SHAKE-256f:2.16.840.1.101.3.4.3.31" #define PROV_DESCS_SLH_DSA_SHA2_128S "OpenSSL SLH-DSA-SHA2-128s implementation" +#define PROV_DESCS_SLH_DSA_SHA2_128F "OpenSSL SLH-DSA-SHA2-128f implementation" +#define PROV_DESCS_SLH_DSA_SHA2_192S "OpenSSL SLH-DSA-SHA2-192s implementation" +#define PROV_DESCS_SLH_DSA_SHA2_192F "OpenSSL SLH-DSA-SHA2-192f implementation" +#define PROV_DESCS_SLH_DSA_SHA2_256S "OpenSSL SLH-DSA-SHA2-256s implementation" +#define PROV_DESCS_SLH_DSA_SHA2_256F "OpenSSL SLH-DSA-SHA2-256f implementation" +#define PROV_DESCS_SLH_DSA_SHAKE_128S "OpenSSL SLH-DSA-SHAKE-128s implementation" +#define PROV_DESCS_SLH_DSA_SHAKE_128F "OpenSSL SLH-DSA-SHAKE-128f implementation" +#define PROV_DESCS_SLH_DSA_SHAKE_192S "OpenSSL SLH-DSA-SHAKE-192s implementation" +#define PROV_DESCS_SLH_DSA_SHAKE_192F "OpenSSL SLH-DSA-SHAKE-192f implementation" +#define PROV_DESCS_SLH_DSA_SHAKE_256S "OpenSSL SLH-DSA-SHAKE-256s implementation" +#define PROV_DESCS_SLH_DSA_SHAKE_256F "OpenSSL SLH-DSA-SHAKE-256f implementation" diff --git a/providers/implementations/keymgmt/slh_dsa_kmgmt.c b/providers/implementations/keymgmt/slh_dsa_kmgmt.c index 00ecfa254c7..0d58543f0e8 100644 --- a/providers/implementations/keymgmt/slh_dsa_kmgmt.c +++ b/providers/implementations/keymgmt/slh_dsa_kmgmt.c @@ -248,3 +248,14 @@ const OSSL_DISPATCH ossl_slh_dsa_##fn##_keymgmt_functions[] = { \ } MAKE_KEYMGMT_FUNCTIONS("SLH-DSA-SHA2-128s", sha2_128s); +MAKE_KEYMGMT_FUNCTIONS("SLH-DSA-SHA2-128f", sha2_128f); +MAKE_KEYMGMT_FUNCTIONS("SLH-DSA-SHA2-192s", sha2_192s); +MAKE_KEYMGMT_FUNCTIONS("SLH-DSA-SHA2-192f", sha2_192f); +MAKE_KEYMGMT_FUNCTIONS("SLH-DSA-SHA2-256s", sha2_256s); +MAKE_KEYMGMT_FUNCTIONS("SLH-DSA-SHA2-256f", sha2_256f); +MAKE_KEYMGMT_FUNCTIONS("SLH-DSA-SHAKE-128s", shake_128s); +MAKE_KEYMGMT_FUNCTIONS("SLH-DSA-SHAKE-128f", shake_128f); +MAKE_KEYMGMT_FUNCTIONS("SLH-DSA-SHAKE-192s", shake_192s); +MAKE_KEYMGMT_FUNCTIONS("SLH-DSA-SHAKE-192f", shake_192f); +MAKE_KEYMGMT_FUNCTIONS("SLH-DSA-SHAKE-256s", shake_256s); +MAKE_KEYMGMT_FUNCTIONS("SLH-DSA-SHAKE-256f", shake_256f); diff --git a/providers/implementations/signature/slh_dsa_sig.c b/providers/implementations/signature/slh_dsa_sig.c index 011dc5512b8..ddee41ca759 100644 --- a/providers/implementations/signature/slh_dsa_sig.c +++ b/providers/implementations/signature/slh_dsa_sig.c @@ -242,3 +242,14 @@ const OSSL_DISPATCH ossl_slh_dsa_##fn##_signature_functions[] = { \ } MAKE_SIGNATURE_FUNCTIONS("SLH-DSA-SHA2-128s", sha2_128s); +MAKE_SIGNATURE_FUNCTIONS("SLH-DSA-SHA2-128f", sha2_128f); +MAKE_SIGNATURE_FUNCTIONS("SLH-DSA-SHA2-192s", sha2_192s); +MAKE_SIGNATURE_FUNCTIONS("SLH-DSA-SHA2-192f", sha2_192f); +MAKE_SIGNATURE_FUNCTIONS("SLH-DSA-SHA2-256s", sha2_256s); +MAKE_SIGNATURE_FUNCTIONS("SLH-DSA-SHA2-256f", sha2_256f); +MAKE_SIGNATURE_FUNCTIONS("SLH-DSA-SHAKE-128s", shake_128s); +MAKE_SIGNATURE_FUNCTIONS("SLH-DSA-SHAKE-128f", shake_128f); +MAKE_SIGNATURE_FUNCTIONS("SLH-DSA-SHAKE-192s", shake_192s); +MAKE_SIGNATURE_FUNCTIONS("SLH-DSA-SHAKE-192f", shake_192f); +MAKE_SIGNATURE_FUNCTIONS("SLH-DSA-SHAKE-256s", shake_256s); +MAKE_SIGNATURE_FUNCTIONS("SLH-DSA-SHAKE-256f", shake_256f); diff --git a/test/slh_dsa.inc b/test/slh_dsa.inc index b6df105b0dd..1d8294f3549 100644 --- a/test/slh_dsa.inc +++ b/test/slh_dsa.inc @@ -7,19 +7,26 @@ * https://www.openssl.org/source/license.html */ +#define SLH_DSA_SIG_TEST_DET_ITEM(name, alg) { \ + alg, \ + name##_pub, sizeof(name##_pub), \ + name##_priv, sizeof(name##_priv), \ + name##_msg, sizeof(name##_msg), \ + name##_sig_digest, sizeof(name##_sig_digest), \ +} + #define SLH_DSA_SIG_TEST_ITEM(name, alg) { \ alg, \ name##_pub, sizeof(name##_pub), \ name##_priv, sizeof(name##_priv), \ name##_msg, sizeof(name##_msg), \ - name##_sig_digest, sizeof(name##_sig_digest) \ + name##_sig_digest, sizeof(name##_sig_digest), \ + name##_add_random, sizeof(name##_add_random), \ } #define SLH_DSA_KEYGEN_TEST_ITEM(name, alg) { \ alg, \ name##_keygen_priv, sizeof(name##_keygen_priv), \ - name##_keygen_pub_seed, sizeof(name##_keygen_pub_seed), \ - name##_keygen_pub_expected, sizeof(name##_keygen_pub_expected) \ } typedef struct slh_dsa_sig_test_data_st { @@ -33,16 +40,14 @@ typedef struct slh_dsa_sig_test_data_st { /* This is the sha256 digest of the signature, to reduce its size */ const unsigned char *sig_digest; size_t sig_digest_len; + const unsigned char *add_random; + size_t add_random_len; } SLH_DSA_SIG_TEST_DATA; typedef struct slh_dsa_keygen_test_data_st { const char *name; const uint8_t *priv; size_t priv_len; - const uint8_t *pub_seed; - size_t pub_seed_len; - const uint8_t *pub_expected; - size_t pub_expected_len; } SLH_DSA_KEYGEN_TEST_DATA; /* @@ -69,30 +74,224 @@ static const uint8_t slh_dsa_sha2_128s_0_sig_digest[] = { 0x65, 0x98, 0x91, 0x23, 0x17, 0x52, 0x9a, 0x61, 0xda, 0xe4, 0x32, 0x9b, 0xf1, 0x49, 0xef, 0x8b }; +static const uint8_t slh_dsa_sha2_192f_0_priv[] = { + 0xc1, 0x0a, 0xdc, 0x69, 0x2b, 0x76, 0xff, 0x6f, 0x34, 0xa6, 0xf0, 0xc8, 0xff, 0xe2, 0xbb, 0x88, + 0xe8, 0x41, 0xeb, 0xd9, 0x2d, 0xa7, 0xff, 0xec, 0xdd, 0x3b, 0xf6, 0xc1, 0x05, 0x66, 0xa0, 0xcf, + 0x69, 0x8e, 0x39, 0x3d, 0xfb, 0x84, 0x58, 0x7d, 0x3b, 0xc8, 0xc7, 0xde, 0x58, 0x69, 0x66, 0x8c, +}; +static const uint8_t slh_dsa_sha2_192f_0_pub[] = { + 0x36, 0xf7, 0xaa, 0x6b, 0x6f, 0x82, 0xa7, 0xf3, 0xc1, 0x09, 0xe8, 0x81, 0x73, 0xa1, 0xe5, 0xf4, + 0x0f, 0xa5, 0x29, 0xa2, 0x9f, 0x48, 0x5c, 0xcb, 0x40, 0xbb, 0x24, 0x7b, 0x9c, 0xba, 0xda, 0x95, + 0x83, 0x92, 0x42, 0x5b, 0xff, 0x8b, 0x20, 0x28, 0x9b, 0x0f, 0x11, 0xaa, 0x3a, 0x51, 0x4e, 0x54, +}; +static const uint8_t slh_dsa_sha2_192f_0_add_random[] = { + 0xe6, 0xe7, 0x1a, 0x97, 0x57, 0x07, 0x75, 0xb3, 0x54, 0x98, 0x28, 0x7f, 0x81, 0x8d, 0x8c, 0x2a, + 0x96, 0x00, 0x05, 0x76, 0xc8, 0x5c, 0x0c, 0x71, +}; +static const uint8_t slh_dsa_sha2_192f_0_msg[] = { 0x0E, 0x54 }; +static const uint8_t slh_dsa_sha2_192f_0_sig_digest[] = { + 0xd0, 0x5e, 0xec, 0x26, 0xb1, 0x2e, 0x21, 0x9b, 0x83, 0xe2, 0x96, 0x84, 0xff, 0x88, 0xa8, 0x2a, + 0x49, 0xe4, 0xd2, 0xc5, 0x2e, 0x43, 0x8b, 0xcf, 0x15, 0xa5, 0xf6, 0x18, 0x10, 0x51, 0x6c, 0x2e, +}; +static const uint8_t slh_dsa_sha2_256f_0_priv[] = { + 0x1a, 0x5a, 0x6a, 0x0c, 0x8a, 0xae, 0x35, 0x9c, 0xda, 0xce, 0x45, 0x67, 0x42, 0xc3, 0x71, 0x23, + 0xe8, 0xc5, 0xad, 0x9c, 0xfe, 0xab, 0x75, 0x1b, 0x1d, 0x92, 0x11, 0x6c, 0x81, 0xd6, 0xf5, 0x2c, + 0xb0, 0x10, 0x08, 0x63, 0x37, 0xe5, 0xfb, 0x27, 0xe6, 0x74, 0xc7, 0xf6, 0xee, 0x14, 0x4c, 0xec, + 0x10, 0xee, 0xf8, 0x87, 0x80, 0xf1, 0x0f, 0x0c, 0xf3, 0xf7, 0x43, 0xc8, 0xb7, 0xdb, 0x15, 0xce, +}; +static const uint8_t slh_dsa_sha2_256f_0_pub[] = { + 0x03, 0x90, 0xbf, 0x5e, 0xcc, 0x8f, 0xf5, 0xa0, 0x07, 0x23, 0x6c, 0x56, 0xbf, 0x9d, 0x9d, 0x46, + 0xa3, 0x53, 0x4e, 0x54, 0x58, 0x36, 0xcf, 0x7a, 0xdf, 0x20, 0x0d, 0xd2, 0x86, 0x2f, 0x91, 0x1b, + 0x74, 0x09, 0x5e, 0x73, 0xe6, 0x36, 0x41, 0xfa, 0xb2, 0x6b, 0xd7, 0x17, 0xab, 0x29, 0xbb, 0x1e, + 0xd8, 0x73, 0x5c, 0x53, 0x61, 0x32, 0xa1, 0x9e, 0xac, 0x5d, 0xae, 0xd8, 0xa0, 0x7c, 0xf3, 0xb5, +}; +static const uint8_t slh_dsa_sha2_256f_0_msg[] = { + 0xDC, 0x09 +}; +static const uint8_t slh_dsa_sha2_256f_0_sig_digest[] = { + 0x13, 0xb7, 0x78, 0xcd, 0x29, 0xf4, 0x55, 0x35, 0xcc, 0xe4, 0x56, 0xad, 0x36, 0xff, 0xad, 0x50, + 0x54, 0xc3, 0x14, 0xbe, 0x5f, 0x59, 0xa5, 0x9a, 0xcf, 0xa5, 0x18, 0xb1, 0x6a, 0x6f, 0x57, 0xf0, +}; + +static const uint8_t slh_dsa_shake_128s_0_priv[] = { + 0x4c, 0xf2, 0xbb, 0xc4, 0x7b, 0x14, 0x51, 0x80, 0xd1, 0xee, 0xa2, 0x98, 0x0c, 0xfb, 0xe2, 0xdc, + 0xc4, 0xf0, 0x70, 0xaf, 0x5b, 0xaf, 0x81, 0xab, 0x2e, 0xae, 0x38, 0x14, 0x4c, 0x35, 0x76, 0xa5, +}; +static const uint8_t slh_dsa_shake_128s_0_pub[] = { + 0x10, 0x96, 0xaa, 0x01, 0x4c, 0x35, 0x03, 0x02, 0xe1, 0x96, 0x31, 0x7e, 0x0d, 0xbf, 0xb2, 0x91, + 0xd2, 0x4e, 0x52, 0x92, 0x09, 0xde, 0xb4, 0x97, 0x03, 0xcc, 0x3a, 0xd2, 0x9d, 0xfc, 0xe2, 0x4d, +}; +static const uint8_t slh_dsa_shake_128s_0_msg[] = { 0xD3, 0x7C }; +static const uint8_t slh_dsa_shake_128s_0_sig_digest[] = { + 0xcb, 0xc5, 0xbc, 0x43, 0x51, 0xa1, 0x16, 0xcb, 0x7b, 0x38, 0x28, 0x2c, 0xf9, 0xc9, 0x95, 0x56, + 0x2b, 0x73, 0x6e, 0x85, 0xdc, 0xa6, 0xad, 0xda, 0x42, 0xce, 0x39, 0x90, 0xb8, 0x91, 0xa4, 0x13, +}; + +static const uint8_t slh_dsa_shake_256f_0_priv[] = { + 0xf7, 0x1d, 0x42, 0xf7, 0x34, 0xb0, 0x73, 0x93, 0x88, 0x74, 0x38, 0xfc, 0x47, 0xc8, 0x5e, 0x60, + 0x23, 0x92, 0x9d, 0xae, 0xeb, 0x86, 0x44, 0xe7, 0xe5, 0xbd, 0xb9, 0x4d, 0xf0, 0x0a, 0x8e, 0x48, + 0xa4, 0xee, 0x88, 0x08, 0xd9, 0x5d, 0x81, 0x1a, 0x10, 0x55, 0xe0, 0xb1, 0xba, 0x89, 0xe0, 0x8b, + 0xbd, 0xf7, 0x2b, 0xe2, 0x91, 0x2e, 0x2b, 0x7f, 0x6b, 0xf9, 0x73, 0xa6, 0x55, 0xcd, 0x5b, 0x1b, +}; +static const uint8_t slh_dsa_shake_256f_0_pub[] = { + 0xf6, 0x62, 0x20, 0x15, 0x24, 0x3a, 0xbd, 0x05, 0x3b, 0x45, 0x63, 0xb9, 0x16, 0xa8, 0xf3, 0x7c, + 0x67, 0xa6, 0xe3, 0x0a, 0xd1, 0xc8, 0x5d, 0x65, 0xed, 0x7d, 0x3c, 0xcf, 0x53, 0xd0, 0x8f, 0x27, + 0xde, 0xea, 0x9d, 0x3e, 0x58, 0xe4, 0xc1, 0x86, 0xb3, 0x75, 0x70, 0x11, 0x0f, 0x35, 0xd5, 0xd4, + 0xe4, 0xcf, 0x36, 0xbc, 0x9e, 0x5b, 0x26, 0xa4, 0x75, 0xbe, 0x3f, 0x36, 0x26, 0xd5, 0x3e, 0xcb, +}; +static const uint8_t slh_dsa_shake_256f_0_msg[] = { 0x52 }; +static const uint8_t slh_dsa_shake_256f_0_sig_digest[] = { + 0x83, 0x30, 0x10, 0x89, 0x2d, 0x88, 0xfe, 0xf0, 0xf6, 0x6a, 0x81, 0x46, 0xab, 0x8d, 0x8f, 0x73, + 0xfe, 0xe5, 0xf8, 0xec, 0xea, 0xad, 0x8c, 0xdc, 0x36, 0xfc, 0xb8, 0x9a, 0xf5, 0xaa, 0x9c, 0x41, +}; + +static const uint8_t slh_dsa_shake_128f_0_priv[] = { + 0x75, 0x10, 0x49, 0x1b, 0x47, 0x0a, 0xe3, 0x65, 0x8e, 0xd5, 0x0a, 0xd7, 0xa4, 0xe6, 0xc5, 0x8c, + 0x86, 0x33, 0x67, 0x42, 0xc3, 0x24, 0x4b, 0x95, 0xaa, 0x33, 0x8b, 0x70, 0x89, 0xdf, 0x84, 0xb8, +}; +static const uint8_t slh_dsa_shake_128f_0_pub[] = { + 0x3d, 0x17, 0x30, 0x69, 0x3a, 0xdd, 0xc8, 0x9b, 0xf7, 0xb8, 0x1e, 0x32, 0x13, 0x6a, 0x28, 0xc6, + 0xec, 0x8d, 0x96, 0xc4, 0x6d, 0x3b, 0xbe, 0x28, 0x12, 0xa5, 0x5b, 0x98, 0xe3, 0x89, 0x26, 0xae, +}; +static const uint8_t slh_dsa_shake_128f_0_add_random[] = { + 0xfe, 0x4b, 0x12, 0xe6, 0x8b, 0x0e, 0x3b, 0x91, 0x01, 0xb2, 0x0c, 0x17, 0xc5, 0x71, 0x1c, 0x59, +}; +static const uint8_t slh_dsa_shake_128f_0_msg[] = { + 0x23, 0x95, 0xf6, 0x4a, 0x2a, 0x92, 0x69, 0x86, 0x32, 0x77, 0x73, 0x1e, 0x43, 0x57, 0x70, 0x01, + 0x8f, 0xc3, 0x18, 0xd8, 0xf6, 0x4b, 0x5b, 0x7d, 0x7d, 0x91, 0xd5, 0x2d, 0xaa, 0x7e, 0x0d, 0x1e, + 0x51, 0xcf, 0xc8, 0xf9, 0xe1, 0x14, 0x7b, 0x8e, 0xe9, 0x40, 0x67, 0xa3, 0x87, 0x61, 0xf7, 0x64, + 0x02, 0xb5, 0x55, 0xb1, 0x04, 0x17, 0x5b, 0xeb, 0x8f, 0xd8, 0x5e, 0xa5, 0x20, 0x52, 0xc6, 0x99, + 0x1a, 0xfb, 0x7f, 0x3b, 0xbb, 0x72, 0xb6, 0xe5, 0x75, 0x1d, 0xef, 0x52, 0x37, 0xeb, 0x55, 0xdc, + 0x37, 0xf5, 0x7f, 0x71, 0x17, 0x28, 0x19, 0xd1, 0x0a, 0x84, 0x6c, 0x97, 0xf9, 0xf0, 0xab, 0xd9, + 0x92, 0x9e, 0x8e, 0xdd, 0x3e, 0x2f, 0x5a, 0x82, 0x26, 0x6d, 0xda, 0x1e, 0xe8, 0x66, 0x6f, 0xfc, + 0x6f, 0x58, 0x96, 0xcc, 0x2c, 0x59, 0x37, 0xa9, 0xd8, 0xbe, 0x6a, 0x16, 0xf5, 0xdd, 0x52, 0x4f, + 0x3b, 0xd8, 0xb9, 0xa6, 0xe7, 0xc5, 0x34, 0xcd, 0xc1, 0xac, 0xcb, 0x4f, 0xd1, 0xf1, 0x90, 0x75, + 0x9a, 0x61, 0x74, 0x4b, 0x3f, 0xe7, 0xb1, 0x4c, 0x44, 0x76, 0xa2, 0x73, 0xfd, 0x1c, 0x2e, 0xf1, + 0xbd, 0xab, 0x0f, 0x78, 0xdc, 0x09, 0x5e, 0xe4, 0xa3, +}; +static const uint8_t slh_dsa_shake_128f_0_sig_digest[] = { + 0xd9, 0xee, 0x15, 0x31, 0xeb, 0xab, 0x30, 0xd5, 0xd9, 0xb1, 0x0f, 0x43, 0x74, 0xbd, 0xf9, 0xf6, + 0xc0, 0xb5, 0x87, 0xd0, 0xa2, 0x19, 0x0c, 0x9e, 0x2c, 0x98, 0xc7, 0xa3, 0x71, 0x17, 0x4a, 0x41, +}; + static SLH_DSA_SIG_TEST_DATA slh_dsa_sig_testdata[] = { - SLH_DSA_SIG_TEST_ITEM(slh_dsa_sha2_128s_0, "SLH-DSA-SHA2-128s"), + SLH_DSA_SIG_TEST_DET_ITEM(slh_dsa_sha2_128s_0, "SLH-DSA-SHA2-128s"), + SLH_DSA_SIG_TEST_ITEM(slh_dsa_sha2_192f_0, "SLH-DSA-SHA2-192f"), + SLH_DSA_SIG_TEST_DET_ITEM(slh_dsa_sha2_256f_0, "SLH-DSA-SHA2-256f"), + SLH_DSA_SIG_TEST_DET_ITEM(slh_dsa_shake_128s_0, "SLH-DSA-SHAKE-128s"), + SLH_DSA_SIG_TEST_ITEM(slh_dsa_shake_128f_0, "SLH-DSA-SHAKE-128f"), + SLH_DSA_SIG_TEST_DET_ITEM(slh_dsa_shake_256f_0, "SLH-DSA-SHAKE-256f"), }; -/* skSeed || skPrf */ static const uint8_t slh_dsa_sha2_128s_0_keygen_priv[] = { - 0x2F, 0x89, 0x6D, 0x61, 0xD9, 0xCD, 0x90, 0x38, - 0xCA, 0x30, 0x33, 0x94, 0xFA, 0xDA, 0xA2, 0x2A, - 0x24, 0xAC, 0x5E, 0xC1, 0xD8, 0x6A, 0x98, 0x9C, - 0xA2, 0x19, 0x6C, 0x3C, 0x86, 0x32, 0x41, 0x9C, -}; -/* pkSeed */ -static const uint8_t slh_dsa_sha2_128s_0_keygen_pub_seed[] = { - 0x1A, 0x05, 0xA4, 0x2F, 0xE3, 0x00, 0xE8, 0x7B, - 0x16, 0xAE, 0xE1, 0x16, 0xCB, 0x2E, 0x23, 0x63, -}; -/* pkSeed || pkRoot */ -static const uint8_t slh_dsa_sha2_128s_0_keygen_pub_expected[] = { - 0x1A, 0x05, 0xA4, 0x2F, 0xE3, 0x00, 0xE8, 0x7B, - 0x16, 0xAE, 0xE1, 0x16, 0xCB, 0x2E, 0x23, 0x63, - 0x58, 0xE2, 0xC3, 0xE6, 0x26, 0x32, 0xC9, 0xDE, - 0x03, 0xD0, 0x8A, 0x53, 0x5A, 0x0E, 0xB7, 0xE7, + 0xaa, 0x9c, 0xc7, 0xdc, 0xa4, 0x91, 0xfc, 0x86, 0xbc, 0xb1, 0x5a, 0x70, 0x9a, 0x15, 0xe9, 0xb3, + 0x90, 0x5c, 0x80, 0x0b, 0x6e, 0x2f, 0xb9, 0xb5, 0x4b, 0x6b, 0x05, 0x0e, 0xe5, 0xe4, 0xde, 0x9a, + 0xfa, 0x54, 0x64, 0xd1, 0xc6, 0x61, 0xfe, 0xd3, 0x8b, 0x2a, 0x51, 0xca, 0x3e, 0xae, 0x71, 0xba, + 0xca, 0xe3, 0xd1, 0x86, 0x52, 0x15, 0xe3, 0xd3, 0x85, 0x0e, 0x8c, 0x1b, 0x82, 0x92, 0xbf, 0x42, +}; +static const uint8_t slh_dsa_sha2_128f_0_keygen_priv[] = { + 0xe2, 0xbd, 0xaa, 0x37, 0xc8, 0xcf, 0xfe, 0x5e, 0x8d, 0x56, 0x76, 0xc2, 0x32, 0x67, 0x89, 0x0c, + 0x31, 0x44, 0x17, 0x58, 0xf5, 0x73, 0x28, 0x58, 0x81, 0xcd, 0xc8, 0x2a, 0xb9, 0x11, 0xdd, 0x84, + 0x72, 0xdc, 0x8d, 0x26, 0xdf, 0x6e, 0xf7, 0x08, 0xf4, 0xc4, 0x1a, 0xf9, 0xfd, 0x04, 0xb6, 0x5a, + 0x89, 0x27, 0x92, 0x72, 0x29, 0x89, 0x1d, 0x47, 0xa6, 0x0d, 0x67, 0xec, 0xef, 0x3d, 0x2c, 0x17, +}; +static const uint8_t slh_dsa_sha2_192s_0_keygen_priv[] = { + 0x44, 0x2e, 0x44, 0x6e, 0x73, 0x33, 0x0a, 0xfb, 0x98, 0x70, 0x46, 0x56, 0x32, 0x8f, 0x4d, 0xd7, + 0x33, 0x4f, 0x8a, 0x9a, 0xb4, 0xd9, 0x2c, 0xbe, 0x79, 0x0f, 0x91, 0xc2, 0xe9, 0x2a, 0x81, 0xaf, + 0xee, 0x0a, 0x7e, 0xc4, 0x5a, 0x3d, 0x60, 0x93, 0x46, 0x27, 0x6f, 0x5a, 0x32, 0x87, 0x55, 0xa1, + 0x7d, 0xd4, 0x16, 0x08, 0xf5, 0x9e, 0x49, 0x26, 0x68, 0xd8, 0x1d, 0x03, 0x44, 0x13, 0x94, 0xfe, + 0x7a, 0x8e, 0x7e, 0x58, 0x70, 0x5d, 0x76, 0x32, 0xba, 0x8b, 0xc6, 0x6d, 0x04, 0xc9, 0x9e, 0xe5, + 0xc7, 0x21, 0xe4, 0xff, 0x4b, 0xbe, 0x78, 0x15, 0xcc, 0xf9, 0x23, 0xe8, 0x1e, 0x10, 0xc4, 0x75, +}; +static const uint8_t slh_dsa_sha2_192f_0_keygen_priv[] = { + 0x94, 0x2d, 0xd5, 0x88, 0xb0, 0xe0, 0x63, 0x60, 0x60, 0xb1, 0x02, 0x3b, 0xaf, 0x1d, 0xf3, 0x60, + 0x02, 0xb9, 0xd3, 0xc7, 0x25, 0x69, 0x04, 0xf9, 0x48, 0x59, 0x6f, 0x0f, 0x2f, 0x17, 0x50, 0x55, + 0x85, 0xf0, 0x22, 0x42, 0x34, 0x33, 0xb3, 0xa3, 0xef, 0x50, 0x97, 0x7b, 0x98, 0xb0, 0x1e, 0x8e, + 0x3e, 0x1d, 0x7d, 0xcf, 0x88, 0x0c, 0x2e, 0xa3, 0xc8, 0x87, 0x21, 0x22, 0xa9, 0x96, 0xd5, 0xd6, + 0x23, 0x3b, 0xdf, 0xbd, 0x57, 0xfa, 0x64, 0x1f, 0xad, 0x3c, 0x81, 0xbb, 0xe6, 0x77, 0x8b, 0x1f, + 0x78, 0x81, 0x95, 0x13, 0x1b, 0x3f, 0xca, 0x91, 0x85, 0x4f, 0xf3, 0xb0, 0x75, 0xbf, 0x00, 0x09, +}; +static const uint8_t slh_dsa_sha2_256s_0_keygen_priv[] = { + 0xae, 0x6c, 0xa8, 0x66, 0x4e, 0xc0, 0xb9, 0x17, 0x9d, 0x4e, 0x33, 0xc4, 0xde, 0xfe, 0x01, 0xfc, + 0xd5, 0x89, 0xf6, 0x0b, 0xa4, 0x50, 0x2f, 0xe7, 0x41, 0x6f, 0x2a, 0xcd, 0x96, 0xe1, 0x39, 0xf1, + 0x3f, 0xda, 0x20, 0x69, 0x14, 0x7f, 0x44, 0xea, 0xbd, 0x5b, 0xbf, 0x29, 0xc7, 0x4a, 0x20, 0xcb, + 0x0f, 0x0c, 0xc2, 0xa1, 0x2b, 0xab, 0x58, 0x34, 0xb7, 0x73, 0x53, 0x0a, 0xf5, 0x04, 0x90, 0x0a, + 0x13, 0x4d, 0x5e, 0xd3, 0xc6, 0x0b, 0x46, 0x34, 0x4a, 0x84, 0xa4, 0x5d, 0x46, 0x83, 0xb1, 0xac, + 0x55, 0xfb, 0x22, 0x88, 0x6b, 0xa9, 0x47, 0x8e, 0xa9, 0xca, 0x93, 0xf2, 0x7b, 0x9a, 0xa2, 0xc2, + 0x7c, 0x5c, 0x99, 0x08, 0xf0, 0x86, 0xe5, 0x79, 0x56, 0xf8, 0x5d, 0xe8, 0x4b, 0x43, 0x8e, 0xf1, + 0xf0, 0x82, 0xcd, 0x17, 0x6d, 0xff, 0x3c, 0x5b, 0x8b, 0xe7, 0x10, 0xbc, 0x86, 0x99, 0xa1, 0x43, +}; +static const uint8_t slh_dsa_sha2_256f_0_keygen_priv[] = { + 0x37, 0xd1, 0x80, 0x6d, 0xd0, 0x90, 0x35, 0x30, 0x64, 0xa9, 0x82, 0x27, 0x6a, 0xeb, 0xd2, 0x0e, + 0x73, 0x18, 0xf3, 0x6b, 0x17, 0xec, 0x52, 0x09, 0xd4, 0x00, 0x66, 0x51, 0x76, 0x0c, 0xa0, 0x43, + 0x89, 0x66, 0x30, 0xd5, 0x1c, 0x45, 0xa8, 0xf7, 0xc1, 0xda, 0x31, 0x19, 0x2f, 0x41, 0x20, 0x4d, + 0xeb, 0x71, 0xbb, 0xc4, 0xfb, 0x47, 0x70, 0x0a, 0x91, 0xec, 0x47, 0xbb, 0x4a, 0xcf, 0x3a, 0x38, + 0xda, 0xbb, 0xd0, 0x01, 0x12, 0x52, 0x0e, 0x60, 0x06, 0x1d, 0xa2, 0x3f, 0x4c, 0x83, 0xa5, 0xc4, + 0x75, 0xa0, 0xad, 0x3a, 0xb7, 0x5f, 0x59, 0xe5, 0xc7, 0xb8, 0xce, 0x24, 0x30, 0xde, 0xb4, 0x80, + 0xc0, 0x78, 0x49, 0xdd, 0x9f, 0x8d, 0x99, 0x3d, 0xce, 0x56, 0x85, 0xd0, 0x84, 0x01, 0x34, 0xbd, + 0x11, 0x59, 0x20, 0x55, 0xf7, 0x4c, 0xde, 0x3a, 0xa9, 0xe7, 0xd2, 0x5b, 0x33, 0xc3, 0x10, 0x67, +}; + +static const uint8_t slh_dsa_shake_128s_0_keygen_priv[] = { + 0xec, 0xd0, 0xa0, 0x56, 0x96, 0xc2, 0xec, 0x6b, 0xfe, 0x85, 0xb8, 0xb1, 0xb2, 0x02, 0x24, 0x86, + 0xbf, 0xd8, 0x73, 0x2b, 0x1a, 0x42, 0xce, 0xa2, 0x36, 0xe9, 0x82, 0x2a, 0xa9, 0xe7, 0x24, 0xe6, + 0x37, 0xd6, 0x64, 0x79, 0x21, 0x98, 0x17, 0x6c, 0x12, 0xe8, 0x12, 0x1c, 0xcf, 0x69, 0xe6, 0x84, + 0xfc, 0xf6, 0xff, 0xe2, 0xa0, 0x42, 0x43, 0xdc, 0x3e, 0x8e, 0xd3, 0xee, 0x6e, 0x44, 0xcd, 0xef, +}; +static const uint8_t slh_dsa_shake_128f_0_keygen_priv[] = { + 0xbb, 0xc7, 0x43, 0x06, 0xf7, 0x5d, 0xc2, 0xda, 0xf7, 0x37, 0x2b, 0x3c, 0x98, 0x41, 0xa4, 0xd6, + 0x85, 0x2c, 0x17, 0xb4, 0x59, 0xf1, 0x69, 0x2b, 0x8e, 0x9a, 0x1a, 0x0d, 0xac, 0xe5, 0xba, 0x26, + 0x38, 0x0c, 0x99, 0x30, 0x4a, 0x0d, 0xdd, 0x32, 0xf3, 0x44, 0xb9, 0x51, 0x44, 0xe1, 0xfd, 0xef, + 0x60, 0xbb, 0xc2, 0x34, 0x0e, 0x08, 0x77, 0x0f, 0xb4, 0x1a, 0x80, 0xa7, 0x6c, 0xb0, 0x8e, 0x34, +}; +static const uint8_t slh_dsa_shake_192s_0_keygen_priv[] = { + 0x2d, 0x57, 0x48, 0xb1, 0xac, 0xda, 0x82, 0x99, 0xe2, 0xe9, 0x05, 0x54, 0x5d, 0x2e, 0x66, 0xdf, + 0xce, 0xc0, 0x24, 0x61, 0xbc, 0x36, 0x73, 0xdd, 0x9d, 0x83, 0x04, 0x16, 0xb1, 0xb8, 0x2a, 0x66, + 0x5d, 0xd4, 0x35, 0xa3, 0xf3, 0xa8, 0xe2, 0x12, 0x4d, 0xf5, 0x9a, 0x0e, 0x2b, 0xc2, 0xec, 0x73, + 0x63, 0x3f, 0xf6, 0x5c, 0x72, 0x4a, 0xe1, 0x70, 0x45, 0xc0, 0x94, 0x61, 0x75, 0x49, 0x08, 0x1c, + 0x94, 0x0f, 0x2e, 0xf4, 0xd4, 0xa1, 0x0e, 0x75, 0x59, 0xc7, 0x50, 0x3f, 0xe1, 0xe9, 0x6f, 0xb6, + 0x7b, 0x0e, 0x32, 0xac, 0xdc, 0xf7, 0x12, 0xfb, 0xef, 0x61, 0x0f, 0x8d, 0x21, 0xda, 0xac, 0x86, +}; +static const uint8_t slh_dsa_shake_192f_0_keygen_priv[] = { + 0x3b, 0x78, 0x89, 0xd2, 0x54, 0xf5, 0xad, 0x87, 0x88, 0x2d, 0xac, 0xbf, 0x3c, 0x58, 0x49, 0x56, + 0x67, 0x40, 0x16, 0x01, 0xec, 0x47, 0x39, 0x79, 0x7e, 0x93, 0x5c, 0xbc, 0x27, 0xf3, 0xd7, 0xcd, + 0x62, 0x7b, 0x61, 0x1c, 0xbe, 0xf7, 0x54, 0x6c, 0x7f, 0x27, 0x75, 0x1e, 0x18, 0x15, 0x5c, 0xc4, + 0x26, 0x6b, 0x6f, 0xb5, 0x6b, 0xd0, 0xd9, 0x22, 0xe0, 0x48, 0x27, 0x00, 0xa4, 0x28, 0x0c, 0xc1, + 0xf0, 0x70, 0x52, 0x80, 0x4a, 0x8f, 0x46, 0xfd, 0xed, 0x39, 0x54, 0xba, 0x0a, 0x9d, 0xa4, 0x5d, + 0x0d, 0x18, 0x86, 0x74, 0x37, 0x77, 0x7f, 0x60, 0x21, 0x1b, 0xb9, 0xcd, 0x03, 0xa6, 0x0d, 0x4b, +}; +static const uint8_t slh_dsa_shake_256s_0_keygen_priv[] = { + 0xa6, 0x53, 0x91, 0x8f, 0xa5, 0x57, 0xb5, 0x25, 0x0d, 0x11, 0xe9, 0x6a, 0x74, 0xf5, 0xd8, 0xc6, + 0x2b, 0x5f, 0xf6, 0x71, 0x52, 0xac, 0xf2, 0x27, 0xaa, 0xf4, 0xbf, 0x52, 0x11, 0xaa, 0x60, 0x0e, + 0x96, 0x1b, 0x4e, 0x67, 0x9c, 0xeb, 0x9d, 0x4e, 0x24, 0xdf, 0x86, 0xed, 0x22, 0xf4, 0x05, 0xd8, + 0xed, 0xe5, 0x62, 0x36, 0x72, 0xf4, 0x73, 0x7f, 0xc2, 0xfb, 0x65, 0xf8, 0xbf, 0x3b, 0x55, 0x6c, + 0x31, 0x5a, 0x5e, 0x79, 0x5b, 0x70, 0x16, 0x76, 0xe6, 0xb8, 0x30, 0x9c, 0x89, 0xcc, 0x6a, 0xd0, + 0xc3, 0xd6, 0x9f, 0xf4, 0xf7, 0xf4, 0x32, 0xdc, 0x61, 0x32, 0x9f, 0xbb, 0x1b, 0xe6, 0x06, 0x9f, + 0x08, 0x87, 0xb1, 0xa8, 0xf1, 0xb3, 0xa8, 0xb9, 0x77, 0x0a, 0x08, 0x71, 0x63, 0x0e, 0x46, 0xdd, + 0x04, 0x79, 0xc5, 0xbd, 0x12, 0x3e, 0x8e, 0xeb, 0x6b, 0xe7, 0x0f, 0x29, 0x99, 0xc4, 0x66, 0xa1, +}; +static const uint8_t slh_dsa_shake_256f_0_keygen_priv[] = { + 0xd5, 0x0f, 0x77, 0x71, 0x3c, 0xf5, 0x91, 0x93, 0xfe, 0x5f, 0x10, 0xb8, 0xaa, 0xf1, 0x87, 0x6b, + 0x0d, 0x3e, 0x7e, 0x41, 0x81, 0xed, 0x3f, 0xae, 0x34, 0x68, 0x76, 0x26, 0x98, 0x01, 0x75, 0x84, + 0x36, 0xc2, 0x2b, 0x81, 0x94, 0x04, 0x03, 0x15, 0x74, 0x46, 0xd4, 0x4f, 0x04, 0xc0, 0x9f, 0xd2, + 0x8d, 0xf7, 0x2c, 0x6d, 0x40, 0x21, 0xb2, 0x71, 0x54, 0x40, 0x55, 0x78, 0x30, 0x81, 0xb7, 0xc0, + 0x46, 0xd2, 0xac, 0x50, 0x75, 0x1a, 0x0c, 0x71, 0xec, 0x85, 0x0b, 0xb7, 0xd1, 0x6a, 0x67, 0x9a, + 0x66, 0x90, 0x1e, 0xee, 0x05, 0x38, 0x9d, 0x46, 0x15, 0x94, 0x0e, 0xfd, 0x89, 0xc0, 0x18, 0x2f, + 0xde, 0xbc, 0xfb, 0xf3, 0x52, 0x7c, 0xc7, 0x68, 0xc5, 0xec, 0x6c, 0xb5, 0xb6, 0xcc, 0x10, 0xa6, + 0x74, 0x39, 0x07, 0x45, 0xd8, 0x61, 0x2d, 0x09, 0x20, 0x18, 0x7d, 0xf6, 0x58, 0xd3, 0xb7, 0xef, }; static const SLH_DSA_KEYGEN_TEST_DATA slh_dsa_keygen_testdata[] = { SLH_DSA_KEYGEN_TEST_ITEM(slh_dsa_sha2_128s_0, "SLH-DSA-SHA2-128s"), + SLH_DSA_KEYGEN_TEST_ITEM(slh_dsa_sha2_128f_0, "SLH-DSA-SHA2-128f"), + SLH_DSA_KEYGEN_TEST_ITEM(slh_dsa_sha2_192s_0, "SLH-DSA-SHA2-192s"), + SLH_DSA_KEYGEN_TEST_ITEM(slh_dsa_sha2_192f_0, "SLH-DSA-SHA2-192f"), + SLH_DSA_KEYGEN_TEST_ITEM(slh_dsa_sha2_256s_0, "SLH-DSA-SHA2-256s"), + SLH_DSA_KEYGEN_TEST_ITEM(slh_dsa_sha2_256f_0, "SLH-DSA-SHA2-256f"), + SLH_DSA_KEYGEN_TEST_ITEM(slh_dsa_shake_128s_0, "SLH-DSA-SHAKE-128s"), + SLH_DSA_KEYGEN_TEST_ITEM(slh_dsa_shake_128f_0, "SLH-DSA-SHAKE-128f"), + SLH_DSA_KEYGEN_TEST_ITEM(slh_dsa_shake_192s_0, "SLH-DSA-SHAKE-192s"), + SLH_DSA_KEYGEN_TEST_ITEM(slh_dsa_shake_192f_0, "SLH-DSA-SHAKE-192f"), + SLH_DSA_KEYGEN_TEST_ITEM(slh_dsa_shake_256s_0, "SLH-DSA-SHAKE-256s"), + SLH_DSA_KEYGEN_TEST_ITEM(slh_dsa_shake_256f_0, "SLH-DSA-SHAKE-256f"), }; diff --git a/test/slh_dsa_test.c b/test/slh_dsa_test.c index 261161679fc..307791cfd49 100644 --- a/test/slh_dsa_test.c +++ b/test/slh_dsa_test.c @@ -135,18 +135,20 @@ end: static int slh_dsa_key_eq_test(void) { int ret = 0; - EVP_PKEY *key[2] = { NULL, NULL }; + EVP_PKEY *key[3] = { NULL, NULL, NULL }; SLH_DSA_SIG_TEST_DATA *td1 = &slh_dsa_sig_testdata[0]; + SLH_DSA_SIG_TEST_DATA *td2 = &slh_dsa_sig_testdata[1]; #ifndef OPENSSL_NO_EC EVP_PKEY *eckey = NULL; #endif if (!TEST_ptr(key[0] = slh_dsa_pubkey_from_data(td1->alg, td1->pub, td1->pub_len)) - || !TEST_ptr(key[1] = slh_dsa_pubkey_from_data(td1->alg, td1->pub, td1->pub_len))) + || !TEST_ptr(key[1] = slh_dsa_pubkey_from_data(td1->alg, td1->pub, td1->pub_len)) + || !TEST_ptr(key[2] = slh_dsa_pubkey_from_data(td2->alg, td2->pub, td2->pub_len))) goto end; - ret = TEST_int_eq(EVP_PKEY_eq(key[0], key[1]), 1); - if (ret == 0) + if (!TEST_int_eq(EVP_PKEY_eq(key[0], key[1]), 1) + || !TEST_int_ne(EVP_PKEY_eq(key[0], key[2]), 1)) goto end; #ifndef OPENSSL_NO_EC @@ -156,6 +158,7 @@ static int slh_dsa_key_eq_test(void) EVP_PKEY_free(eckey); #endif end: + EVP_PKEY_free(key[2]); EVP_PKEY_free(key[1]); EVP_PKEY_free(key[0]); return ret; @@ -216,14 +219,14 @@ err: return ret; } -static int slh_dsa_sign_verify_test(void) +static int slh_dsa_sign_verify_test(int tst_id) { int ret = 0; - SLH_DSA_SIG_TEST_DATA *td = &slh_dsa_sig_testdata[0]; + SLH_DSA_SIG_TEST_DATA *td = &slh_dsa_sig_testdata[tst_id]; EVP_PKEY_CTX *sctx = NULL; EVP_PKEY *pkey = NULL; EVP_SIGNATURE *sig_alg = NULL; - OSSL_PARAM params[3], *p = params; + OSSL_PARAM params[4], *p = params; uint8_t sig[64 * 1024]; size_t sig_len = sizeof(sig); uint8_t digest[32]; @@ -232,6 +235,10 @@ static int slh_dsa_sign_verify_test(void) *p++ = OSSL_PARAM_construct_int(OSSL_SIGNATURE_PARAM_DETERMINISTIC, &deterministic); *p++ = OSSL_PARAM_construct_int(OSSL_SIGNATURE_PARAM_MESSAGE_ENCODING, &encode); + if (td->add_random != NULL) + *p++ = OSSL_PARAM_construct_octet_string(OSSL_SIGNATURE_PARAM_ADD_RANDOM, + (char *)td->add_random, + td->add_random_len); *p = OSSL_PARAM_construct_end(); /* @@ -266,16 +273,18 @@ err: return ret; } -static int slh_dsa_keygen_test(void) +static int slh_dsa_keygen_test(int tst_id) { int ret = 0; - const SLH_DSA_KEYGEN_TEST_DATA *tst = &slh_dsa_keygen_testdata[0]; + const SLH_DSA_KEYGEN_TEST_DATA *tst = &slh_dsa_keygen_testdata[tst_id]; EVP_PKEY *pkey = NULL; uint8_t priv[32 * 2], pub[32 * 2]; size_t priv_len, pub_len; + size_t key_len = tst->priv_len / 2; + size_t n = key_len / 2; - if (!TEST_true(set_entropy(tst->priv, tst->priv_len, - tst->pub_seed, tst->pub_seed_len))) + if (!TEST_true(set_entropy(tst->priv, key_len, + tst->priv + key_len, n))) goto err; fake_rand_set_callback(RAND_get0_private(NULL), &fake_rand_cb); @@ -289,8 +298,10 @@ static int slh_dsa_keygen_test(void) if (!TEST_true(EVP_PKEY_get_octet_string_param(pkey, OSSL_PKEY_PARAM_PUB_KEY, pub, sizeof(pub), &pub_len))) goto err; - if (!TEST_size_t_eq(priv_len, tst->priv_len) - || !TEST_size_t_eq(pub_len, tst->priv_len)) + if (!TEST_size_t_eq(priv_len, key_len) + || !TEST_size_t_eq(pub_len, key_len)) + goto err; + if (!TEST_mem_eq(pub, pub_len, tst->priv + key_len, key_len)) goto err; ret = 1; err: @@ -311,9 +322,11 @@ static int slh_dsa_pub_root_from_data_test(void) size_t priv_len = 0, pub_len = 0; EVP_PKEY *pkey = NULL; const SLH_DSA_KEYGEN_TEST_DATA *tst = &slh_dsa_keygen_testdata[0]; + size_t key_len = tst->priv_len / 2; + size_t n = key_len / 2; - if (!slh_dsa_create_keypair(&pkey, tst->name, tst->priv, tst->priv_len, - tst->pub_seed, tst->pub_seed_len)) + if (!slh_dsa_create_keypair(&pkey, tst->name, tst->priv, key_len, + tst->priv + key_len, n)) goto err; if (!TEST_true(EVP_PKEY_get_octet_string_param(pkey, OSSL_PKEY_PARAM_PRIV_KEY, @@ -322,7 +335,7 @@ static int slh_dsa_pub_root_from_data_test(void) if (!TEST_true(EVP_PKEY_get_octet_string_param(pkey, OSSL_PKEY_PARAM_PUB_KEY, pub, sizeof(pub), &pub_len))) goto err; - if (!TEST_mem_eq(pub, pub_len, tst->pub_expected, tst->pub_expected_len)) + if (!TEST_mem_eq(pub, pub_len, tst->priv + key_len, key_len)) goto err; ret = 1; err: @@ -340,8 +353,8 @@ int setup_tests(void) ADD_TEST(slh_dsa_bad_pub_len_test); ADD_TEST(slh_dsa_key_validate_test); ADD_TEST(slh_dsa_key_eq_test); - ADD_TEST(slh_dsa_sign_verify_test); - ADD_TEST(slh_dsa_keygen_test); + ADD_ALL_TESTS(slh_dsa_sign_verify_test, OSSL_NELEM(slh_dsa_sig_testdata)); + ADD_ALL_TESTS(slh_dsa_keygen_test, OSSL_NELEM(slh_dsa_keygen_testdata)); ADD_TEST(slh_dsa_pub_root_from_data_test); return 1; } -- 2.47.2