fips: perform pair-wise consistency test for ML-DSA
authorDaiki Ueno <ueno@gnu.org>
Tue, 24 Dec 2024 07:57:54 +0000 (16:57 +0900)
committerDaiki Ueno <ueno@gnu.org>
Thu, 9 Jan 2025 07:37:45 +0000 (16:37 +0900)
Also mark the signature creation and verification operation as
non-approved, as the current version of liboqs doesn't implement
sufficient checks for input.

Signed-off-by: Daiki Ueno <ueno@gnu.org>
lib/nettle/pk.c

index 3a3aae1bd43a60175b062d5615e3b3ac3b477fa6..9cc0a8be577bd3eae181df27c0e8283035c10d4e 100644 (file)
@@ -1863,6 +1863,11 @@ static int _wrap_nettle_pk_sign(gnutls_pk_algorithm_t algo,
                OQS_STATUS rc;
                size_t size;
 
+               /* As of liboqs 0.12.0, liboqs implementation lacks
+                * sufficient checks for ML-DSA.
+                */
+               not_approved = true;
+
                const char *algo_name = pk_to_liboqs_algo(algo);
                if (algo_name == NULL ||
                    !GNUTLS_OQS_FUNC(OQS_SIG_alg_is_enabled)(algo_name)) {
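Review bot: The comment added above `not_approved = true;` in the ML-DSA branch says only that liboqs "lacks sufficient checks", without naming the checks or the condition for removing the flag, so a later liboqs upgrade may leave the operation marked non-approved by accident. The commit message is more specific (checks on input), and the comment could carry that: `/* As of liboqs 0.12.0, liboqs does not sufficiently check ML-DSA inputs, so report the operation as non-approved; revisit when liboqs adds those checks. */`. The same wording applies to the identical block in the `_wrap_nettle_pk_verify` hunk. As a style point, the assignment sits between the declarations of `size` and `algo_name`, and moving it below `algo_name` would keep the declarations together. The body of `_wrap_nettle_pk_sign` continues outside the hunk, so how `not_approved` is consumed is not visible here.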
@@ -2273,6 +2278,11 @@ static int _wrap_nettle_pk_verify(gnutls_pk_algorithm_t algo,
                OQS_SIG *sig;
                OQS_STATUS rc;
 
+               /* As of liboqs 0.12.0, liboqs implementation lacks
+                * sufficient checks for ML-DSA.
+                */
+               not_approved = true;
+
                const char *algo_name = pk_to_liboqs_algo(algo);
                if (algo_name == NULL ||
                    !GNUTLS_OQS_FUNC(OQS_SIG_alg_is_enabled)(algo_name)) {
@@ -3087,6 +3097,9 @@ static int pct_test(gnutls_pk_algorithm_t algo,
        case GNUTLS_PK_GOST_01:
        case GNUTLS_PK_GOST_12_256:
        case GNUTLS_PK_GOST_12_512:
+       case GNUTLS_PK_ML_DSA_44:
+       case GNUTLS_PK_ML_DSA_65:
+       case GNUTLS_PK_ML_DSA_87:
                ret = _gnutls_pk_sign(algo, &sig, &ddata, params, &spki);
                if (ret < 0) {
                        ret = gnutls_assert_val(GNUTLS_E_PK_GENERATION_ERROR);
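Review bot: The pair-wise test for ML-DSA may itself switch the FIPS operation state to non-approved. The new `case GNUTLS_PK_ML_DSA_44/65/87` labels fall into the `_gnutls_pk_sign` call, and if that call reaches the `_wrap_nettle_pk_sign` branch changed earlier in this commit, `not_approved = true` is set during key generation. If that is intended, a comment on the new labels would make it explicit, e.g. `/* ML-DSA sign/verify is reported as non-approved (see _wrap_nettle_pk_sign); the PCT inherits that */`. If it is not intended, the state needs handling around the test. The verification half of the test and the rest of `pct_test` lie outside the hunk, so this is inferred from the visible call only.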