From: Simo Sorce <simo@redhat.com>
Date: Wed, 1 Oct 2025 19:53:07 +0000 (-0400)
Subject: Change SLH-DSA tests to be deferred
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=311f7bd6dd609cd32faa406bbddca580ae4fd4eb;p=thirdparty%2Fopenssl.git

Change SLH-DSA tests to be deferred

Signed-off-by: Simo Sorce <simo@redhat.com>

Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Dmitry Belyavskiy <beldmit@gmail.com>
(Merged from https://github.com/openssl/openssl/pull/28725)
---

diff --git a/providers/fips/self_test_data.inc b/providers/fips/self_test_data.inc
index b864a47a56c..b4073243146 100644
--- a/providers/fips/self_test_data.inc
+++ b/providers/fips/self_test_data.inc
@@ -3280,7 +3280,7 @@ static const ST_KAT_SIGN st_kat_sign_tests[] = {
     {
         OSSL_SELF_TEST_DESC_SIGN_SLH_DSA,
         "SLH-DSA-SHA2-128f", "SLH-DSA-SHA2-128f",
-        0, SIGNATURE_MODE_SIG_DIGESTED,
+        1, SIGNATURE_MODE_SIG_DIGESTED,
         slh_dsa_sha2_128f_key_params,
         ITM(slh_dsa_sha2_sig_msg),
         NULL, 0, NULL, 0, NULL, 0,
@@ -3290,7 +3290,7 @@ static const ST_KAT_SIGN st_kat_sign_tests[] = {
     {
         OSSL_SELF_TEST_DESC_SIGN_SLH_DSA,
         "SLH-DSA-SHAKE-128f", "SLH-DSA-SHAKE-128f",
-        0, SIGNATURE_MODE_SIG_DIGESTED,
+        1, SIGNATURE_MODE_SIG_DIGESTED,
         slh_dsa_shake_128f_key_params,
         ITM(slh_dsa_shake_sig_msg),
         NULL, 0, NULL, 0, NULL, 0,
@@ -3705,7 +3705,7 @@ static const ST_KAT_ASYM_KEYGEN st_kat_asym_keygen_tests[] = {
 # if !defined(OPENSSL_NO_SLH_DSA)
     {
         OSSL_SELF_TEST_DESC_KEYGEN_SLH_DSA,
-        "SLH-DSA-SHA2-128f", 0,
+        "SLH-DSA-SHA2-128f", 1,
         slh_dsa_sha2_128f_keygen_init_params,
         slh_dsa_128f_keygen_expected_params
     },
diff --git a/providers/implementations/keymgmt/slh_dsa_kmgmt.c b/providers/implementations/keymgmt/slh_dsa_kmgmt.c
index df538ddd851..3ee7bf984e8 100644
--- a/providers/implementations/keymgmt/slh_dsa_kmgmt.c
+++ b/providers/implementations/keymgmt/slh_dsa_kmgmt.c
@@ -45,6 +45,29 @@ static OSSL_FUNC_keymgmt_dup_fn slh_dsa_dup_key;
 
 #define SLH_DSA_POSSIBLE_SELECTIONS (OSSL_KEYMGMT_SELECT_KEYPAIR)
 
+#ifdef FIPS_MODULE
+static FIPS_DEFERRED_TEST slh_key_gen_deferred_tests[] = {
+    {
+        "SLH-DSA-SHA2-128f",
+        FIPS_DEFERRED_KAT_ASYM_KEYGEN,
+        FIPS_DEFERRED_TEST_INIT
+    },
+    { NULL, 0, 0 },
+};
+#endif
+
+static int slh_dsa_self_check(OSSL_LIB_CTX *libctx)
+{
+    if (!ossl_prov_is_running())
+        return 0;
+
+#ifdef FIPS_MODULE
+    return FIPS_deferred_self_tests(libctx, slh_key_gen_deferred_tests);
+#else
+    return 1;
+#endif
+}
+
 struct slh_dsa_gen_ctx {
     SLH_DSA_HASH_CTX *ctx;
     OSSL_LIB_CTX *libctx;
@@ -55,7 +78,7 @@ struct slh_dsa_gen_ctx {
 
 static void *slh_dsa_new_key(void *provctx, const char *alg)
 {
-    if (!ossl_prov_is_running())
+    if (!slh_dsa_self_check(PROV_LIBCTX_OF(provctx)))
         return 0;
 
     return ossl_slh_dsa_key_new(PROV_LIBCTX_OF(provctx), NULL, alg);
@@ -248,6 +271,7 @@ static void *slh_dsa_load(const void *reference, size_t reference_sz)
     if (ossl_prov_is_running() && reference_sz == sizeof(key)) {
         /* The contents of the reference is the address to our object */
         key = *(SLH_DSA_KEY **)reference;
+
         /* We grabbed, so we detach it */
         *(SLH_DSA_KEY **)reference = NULL;
         return key;
@@ -294,7 +318,8 @@ static int slh_dsa_fips140_pairwise_test(const SLH_DSA_KEY *key,
     int alloc_ctx = 0;
 
     /* During self test, it is a waste to do this test */
-    if (ossl_fips_self_testing())
+    if (ossl_fips_self_testing()
+        || slh_key_gen_deferred_tests[0].state == FIPS_DEFERRED_TEST_IN_PROGRESS)
         return 1;
 
     if (ctx == NULL) {
diff --git a/providers/implementations/signature/slh_dsa_sig.c b/providers/implementations/signature/slh_dsa_sig.c
index 23b27f2def8..baded17be19 100644
--- a/providers/implementations/signature/slh_dsa_sig.c
+++ b/providers/implementations/signature/slh_dsa_sig.c
@@ -11,6 +11,7 @@
 #include <openssl/err.h>
 #include <openssl/rand.h>
 #include <openssl/proverr.h>
+#include <openssl/self_test.h>
 #include "prov/implementations.h"
 #include "prov/providercommon.h"
 #include "prov/provider_ctx.h"
@@ -18,6 +19,7 @@
 #include "crypto/slh_dsa.h"
 #include "internal/cryptlib.h"
 #include "internal/sizes.h"
+#include "internal/fips.h"
 #include "providers/implementations/signature/slh_dsa_sig.inc"
 
 #define SLH_DSA_MAX_ADD_RANDOM_LEN 32
@@ -37,6 +39,34 @@ static OSSL_FUNC_signature_dupctx_fn slh_dsa_dupctx;
 static OSSL_FUNC_signature_set_ctx_params_fn slh_dsa_set_ctx_params;
 static OSSL_FUNC_signature_settable_ctx_params_fn slh_dsa_settable_ctx_params;
 
+#ifdef FIPS_MODULE
+static FIPS_DEFERRED_TEST slh_sig_deferred_tests[] = {
+    {
+        "SLH-DSA-SHA2-128f",
+        FIPS_DEFERRED_KAT_SIGNATURE,
+        FIPS_DEFERRED_TEST_INIT
+    },
+    {
+        "SLH-DSA-SHAKE-128f",
+        FIPS_DEFERRED_KAT_SIGNATURE,
+        FIPS_DEFERRED_TEST_INIT
+    },
+    { NULL, 0, 0 },
+};
+#endif
+
+static int slh_dsa_self_check(OSSL_LIB_CTX *libctx)
+{
+    if (!ossl_prov_is_running())
+        return 0;
+
+#ifdef FIPS_MODULE
+    return FIPS_deferred_self_tests(libctx, slh_sig_deferred_tests);
+#else
+    return 1;
+#endif
+}
+
 /*
  * NOTE: Any changes to this structure may require updating slh_dsa_dupctx().
  */
@@ -71,7 +101,7 @@ static void *slh_dsa_newctx(void *provctx, const char *alg, const char *propq)
 {
     PROV_SLH_DSA_CTX *ctx;
 
-    if (!ossl_prov_is_running())
+    if (!slh_dsa_self_check(PROV_LIBCTX_OF(provctx)))
         return NULL;
 
     ctx = OPENSSL_zalloc(sizeof(PROV_SLH_DSA_CTX));