From 7b95d20d489e33ac158217d8798c7ebfbcf64674 Mon Sep 17 00:00:00 2001
From: Pauli <ppzgs1@gmail.com>
Date: Wed, 5 Feb 2025 14:25:09 +1100
Subject: [PATCH] =?utf8?q?test:=20update=20the=20ACVP=20test=20data=20pars?=
 =?utf8?q?er=20to=20include=20tests=20that=20use=20=CE=BC?=
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Viktor Dukhovni <viktor@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26637)
---
 test/mldsa_parse.py | 48 ++++++++++++++++++++++++++++++++++-----------
 1 file changed, 37 insertions(+), 11 deletions(-)
 mode change 100644 => 100755 test/mldsa_parse.py

diff --git a/test/mldsa_parse.py b/test/mldsa_parse.py
old mode 100644
new mode 100755
index 1443e939b89..5d53f83c6d1
--- a/test/mldsa_parse.py
+++ b/test/mldsa_parse.py
@@ -1,3 +1,5 @@
+#!/usr/bin/env python
+
 # A python program written to parse (version 42) of the ACVP test vectors for
 # ML_DSA. The 3 files that can be processed by this utility can be downloaded
 # from
@@ -24,7 +26,9 @@ def print_hexlabel(label, tag, value):
 def parse_ml_dsa_key_gen(groups):
     for grp in groups:
         for tst in grp['tests']:
-            print_label("\nKeyGen", grp['parameterSet'])
+            print("");
+            print_label("FIPSversion", ">=3.5.0")
+            print_label("KeyGen", grp['parameterSet'])
             print_label("KeyName", "tcId" + str(tst['tcId']))
             print_hexlabel("Ctrl", "seed", tst['seed'])
             print_hexlabel("CtrlOut", "pub", tst['pk'])
@@ -33,22 +37,33 @@ def parse_ml_dsa_key_gen(groups):
 def parse_ml_dsa_sig_gen(groups):
     for grp in groups:
         deter = grp['deterministic'] # Boolean
-        externalMu = grp["externalMu"] # Boolean
+        externalMu = grp['externalMu'] # Boolean
         signInterfaceExternal = (grp['signatureInterface'] == "External")
+        signPreHash = (grp['preHash'] == "preHash")
         signPure = (grp['preHash'] == "pure")
+        includeMu = True # Flag flips to only include the Ctrl mu:0 half the time
 
-        if externalMu or not signPure:
+        if signPreHash:
+            continue
+        if not externalMu and not signPure:
             continue
 
         name = grp['parameterSet'].replace('-', '_')
         for tst in grp['tests']:
             testname = name + "_" + str(tst['tcId'])
-            print_label("\nPrivateKeyRaw", testname + ":" + grp['parameterSet'] + ":" + tst['sk'])
-            print_label("\nSign-Message", grp['parameterSet'] + ":" + testname)
-            print_label("Input", tst['message'])
+            print("");
+            print_label("PrivateKeyRaw", testname + ":" + grp['parameterSet'] + ":" + tst['sk'])
+            print("");
+            print_label("FIPSversion", ">=3.5.0")
+            print_label("Sign-Message", grp['parameterSet'] + ":" + testname)
+            print_label("Input", tst['mu' if externalMu else 'message'])
             print_label("Output", tst['signature'])
             print_label("Ctrl", "message-encoding:1")
-            print_label("Ctrl", "hexcontext-string:" + tst["context"])
+            if not externalMu:
+                print_label("Ctrl", "hexcontext-string:" + tst["context"])
+                includeMu = not includeMu
+            if externalMu or includeMu:
+                print_label("Ctrl", "mu:" + ("1" if externalMu else "0"))
             print_label("Ctrl", "deterministic:" + ("1" if deter else "0"))
             if not deter:
                 print_label("Ctrl", "hextest-entropy:" + tst["rnd"])
@@ -57,22 +72,33 @@ def parse_ml_dsa_sig_ver(groups):
     for grp in groups:
         externalMu = grp["externalMu"] # Boolean
         signInterfaceExternal = (grp['signatureInterface'] == "External")
+        signPreHash = (grp['preHash'] == "preHash")
         signPure = (grp['preHash'] == "pure")
+        includeMu = True # Flag flips to only include the Ctrl mu:0 half the time
 
-        if externalMu or not signPure:
+        if signPreHash:
+            continue
+        if not externalMu and not signPure:
             continue
 
         name = grp['parameterSet'].replace('-', '_')
         for tst in grp['tests']:
             testname = name + "_" + str(tst['tcId'])
-            print_label("\nPublicKeyRaw", testname + ":" + grp['parameterSet'] + ":" + tst['pk'] + "\n")
+            print("");
+            print_label("PublicKeyRaw", testname + ":" + grp['parameterSet'] + ":" + tst['pk'])
+            print("");
             if "reason" in tst:
                 print("# " + tst['reason'])
+            print_label("FIPSversion", ">=3.5.0")
             print_label("Verify-Message-Public", grp['parameterSet'] + ":" + testname)
-            print_label("Input", tst['message'])
+            print_label("Input", tst['mu' if externalMu else 'message'])
             print_label("Output", tst['signature'])
             print_label("Ctrl", "message-encoding:1")
-            print_label("Ctrl", "hexcontext-string:" + tst["context"])
+            if not externalMu:
+                print_label("Ctrl", "hexcontext-string:" + tst["context"])
+                includeMu = not includeMu
+            if externalMu or includeMu:
+                print_label("Ctrl", "mu:" + ("1" if externalMu else "0"))
             if not tst['testPassed']:
                 print_label("Result", "VERIFY_ERROR")
 
-- 
2.47.2