From 36f10925ff6e82dd12f6e4a05d53d360d5a475a7 Mon Sep 17 00:00:00 2001
From: slontis
Date: Thu, 6 Feb 2025 18:27:34 +1100
Subject: [PATCH] ML-DSA: Add TLS-SIGALG capability to support ML-DSA signatures

Reviewed-by: Tim Hudson
Reviewed-by: Tomas Mraz
Reviewed-by: Viktor Dukhovni
(Merged from https://github.com/openssl/openssl/pull/26654)
---
 providers/common/capabilities.c | 57 +++++++++++++++++++
 .../implementations/signature/ml_dsa_sig.c | 1 -
 .../cert.json.in | 4 +-
 3 files changed, 59 insertions(+), 3 deletions(-)

diff --git a/providers/common/capabilities.c b/providers/common/capabilities.c
index 550eca1af74..78099ecf659 100644
--- a/providers/common/capabilities.c
+++ b/providers/common/capabilities.c
@@ -220,11 +220,68 @@ static int tls_group_capability(OSSL_CALLBACK *cb, void *arg)
 return 1;
 }
 
+/* --------------------------------------------------------------- */
+
+#if !defined(OPENSSL_NO_ML_DSA)
+
+typedef struct tls_sigalg_constants_st {
+ unsigned int code_point;
+ unsigned int sec_bits; /* Bits of security */
+ int min_tls; /* Minimum TLS version, -1 unsupported */
+ int max_tls; /* Maximum TLS version (or 0 for undefined) */
+} TLS_SIGALG_CONSTANTS;
+
+static const TLS_SIGALG_CONSTANTS sigalg_constants_list[3] = {
+ { 0x0904, 128, TLS1_3_VERSION, 0 },
+ { 0x0905, 192, TLS1_3_VERSION, 0 },
+ { 0x0906, 256, TLS1_3_VERSION, 0 },
+};
+
+# define TLS_SIGALG_ENTRY(tlsname, algorithm, oid, idx) \
+ { \
+ OSSL_PARAM_utf8_string(OSSL_CAPABILITY_TLS_SIGALG_IANA_NAME, \
+ tlsname, sizeof(tlsname)), \
+ OSSL_PARAM_utf8_string(OSSL_CAPABILITY_TLS_SIGALG_NAME, \
+ algorithm, sizeof(algorithm)), \
+ OSSL_PARAM_utf8_string(OSSL_CAPABILITY_TLS_SIGALG_OID, \
+ oid, sizeof(oid)), \
+ OSSL_PARAM_uint(OSSL_CAPABILITY_TLS_SIGALG_CODE_POINT, \
+ (unsigned int *)&sigalg_constants_list[idx].code_point),\
+ OSSL_PARAM_uint(OSSL_CAPABILITY_TLS_SIGALG_SECURITY_BITS, \
+ (unsigned int *)&sigalg_constants_list[idx].sec_bits), \
+ OSSL_PARAM_int(OSSL_CAPABILITY_TLS_SIGALG_MIN_TLS, \
+ (unsigned int *)&sigalg_constants_list[idx].min_tls), \
+ OSSL_PARAM_int(OSSL_CAPABILITY_TLS_SIGALG_MAX_TLS, \
+ (unsigned int *)&sigalg_constants_list[idx].max_tls), \
+ OSSL_PARAM_END \
+ }
+
+static const OSSL_PARAM param_sigalg_list[][8] = {
+ TLS_SIGALG_ENTRY("mldsa44", "ML-DSA-44", "2.16.840.1.101.3.4.3.17", 0),
+ TLS_SIGALG_ENTRY("mldsa65", "ML-DSA-65", "2.16.840.1.101.3.4.3.18", 1),
+ TLS_SIGALG_ENTRY("mldsa87", "ML-DSA-87", "2.16.840.1.101.3.4.3.19", 2),
+};
+#endif /* OPENSSL_NO_ML_DSA */
+
+static int tls_sigalg_capability(OSSL_CALLBACK *cb, void *arg)
+{
+#if !defined(OPENSSL_NO_ML_DSA)
+ size_t i;
+
+ for (i = 0; i < OSSL_NELEM(param_sigalg_list); i++)
+ if (!cb(param_sigalg_list[i], arg))
+ return 0;
+#endif
+ return 1;
+}
+
 int ossl_prov_get_capabilities(void *provctx, const char *capability,
 OSSL_CALLBACK *cb, void *arg)
 {
 if (OPENSSL_strcasecmp(capability, "TLS-GROUP") == 0)
 return tls_group_capability(cb, arg);
+ if (OPENSSL_strcasecmp(capability, "TLS-SIGALG") == 0)
+ return tls_sigalg_capability(cb, arg);
 
 /* We don't support this capability */
 return 0;
diff --git a/providers/implementations/signature/ml_dsa_sig.c b/providers/implementations/signature/ml_dsa_sig.c
index f109a66f336..e235e31752e 100644
--- a/providers/implementations/signature/ml_dsa_sig.c
+++ b/providers/implementations/signature/ml_dsa_sig.c
@@ -78,7 +78,6 @@ static void *ml_dsa_newctx(void *provctx, int evp_type, const char *propq)
 ctx->libctx = PROV_LIBCTX_OF(provctx);
 ctx->msg_encode = ML_DSA_MESSAGE_ENCODE_PURE;
 ctx->evp_type = evp_type;
-
 return ctx;
 }
 
diff --git a/test/recipes/95-test_external_tlsfuzzer_data/cert.json.in b/test/recipes/95-test_external_tlsfuzzer_data/cert.json.in
index a093b9d76cb..93c4db76c43 100644
--- a/test/recipes/95-test_external_tlsfuzzer_data/cert.json.in
+++ b/test/recipes/95-test_external_tlsfuzzer_data/cert.json.in
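Review bot: The `OSSL_PARAM_int` lines of TLS_SIGALG_ENTRY cast the `int` members `min_tls` and `max_tls` to `unsigned int *`, the same cast the `OSSL_PARAM_uint` lines above use for the genuinely unsigned `code_point` and `sec_bits`. The cast presumably exists only to shed the `const` of `sigalg_constants_list`, so it should name the member's real type: `(int *)&sigalg_constants_list[idx].min_tls), \` and `(int *)&sigalg_constants_list[idx].max_tls), \`. Separately, `param_sigalg_list[][8]` hard-codes a row width that the macro actually determines, and the trailing `OSSL_PARAM_END` is the only thing bounding a consumer's walk over a row, so a param added to the macro without bumping the 8 would be caught only by the excess-initializer diagnostic (a warning on GCC by default), with the terminator being the element dropped. A comment on that declaration would tie the two together, e.g. `/* 8 = params per TLS_SIGALG_ENTRY row, including the OSSL_PARAM_END terminator */`.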
@@ -12,12 +12,12 @@
 {"name" : "test-tls13-certificate-verify.py",
 "arguments" : ["-k", "tests/clientX509Key.pem",
 "-c", "tests/clientX509Cert.pem",
- "-s", "ecdsa_secp256r1_sha256 ecdsa_secp384r1_sha384 ecdsa_secp521r1_sha512 ed25519 ed448 8+26 8+27 8+28 rsa_pss_pss_sha256 rsa_pss_pss_sha384 rsa_pss_pss_sha512 rsa_pss_rsae_sha256 rsa_pss_rsae_sha384 rsa_pss_rsae_sha512 rsa_pkcs1_sha256 rsa_pkcs1_sha384 rsa_pkcs1_sha512 ecdsa_sha224 rsa_pkcs1_sha224",
+ "-s", "ecdsa_secp256r1_sha256 ecdsa_secp384r1_sha384 ecdsa_secp521r1_sha512 ed25519 ed448 8+26 8+27 8+28 rsa_pss_pss_sha256 rsa_pss_pss_sha384 rsa_pss_pss_sha512 rsa_pss_rsae_sha256 rsa_pss_rsae_sha384 rsa_pss_rsae_sha512 rsa_pkcs1_sha256 rsa_pkcs1_sha384 rsa_pkcs1_sha512 ecdsa_sha224 rsa_pkcs1_sha224 9+4 9+5 9+6",
 "-p", "@PORT@"]},
 {"name" : "test-tls13-ecdsa-in-certificate-verify.py",
 "arguments" : ["-k", "tests/serverECKey.pem",
 "-c", "tests/serverECCert.pem",
- "-s", "ecdsa_secp256r1_sha256 ecdsa_secp384r1_sha384 ecdsa_secp521r1_sha512 ed25519 ed448 8+26 8+27 8+28 rsa_pss_pss_sha256 rsa_pss_pss_sha384 rsa_pss_pss_sha512 rsa_pss_rsae_sha256 rsa_pss_rsae_sha384 rsa_pss_rsae_sha512 rsa_pkcs1_sha256 rsa_pkcs1_sha384 rsa_pkcs1_sha512 ecdsa_sha224 rsa_pkcs1_sha224",
+ "-s", "ecdsa_secp256r1_sha256 ecdsa_secp384r1_sha384 ecdsa_secp521r1_sha512 ed25519 ed448 8+26 8+27 8+28 rsa_pss_pss_sha256 rsa_pss_pss_sha384 rsa_pss_pss_sha512 rsa_pss_rsae_sha256 rsa_pss_rsae_sha384 rsa_pss_rsae_sha512 rsa_pkcs1_sha256 rsa_pkcs1_sha384 rsa_pkcs1_sha512 ecdsa_sha224 rsa_pkcs1_sha224 9+4 9+5 9+6",
 "-p", "@PORT@"]}
 ]
 },
-- 
2.47.2