Merge to fips-20250107: Update PQ ACVP to reflect NIST's breaking changes.
NIST have updated the ACVP protocol for SLH-DSA and ML-DSA in several
breaking ways. This change updates acvptool to reflect this.
(cherry picked from commit 298ac78507178d1e7d058eee1e52333f760eb0c1)
Change-Id: Iddd2d1db2241a83119c7b671c225bb709d01c70c
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/77267
Auto-Submit: Adam Langley <agl@google.com>
Commit-Queue: Adam Langley <agl@google.com>
Reviewed-by: Bob Beck <bbe@google.com>
Commit-Queue: Bob Beck <bbe@google.com>
diff --git a/util/fipstools/acvp/acvptool/subprocess/mldsa.go b/util/fipstools/acvp/acvptool/subprocess/mldsa.go
index d248ff6..b7cde7d 100644
--- a/util/fipstools/acvp/acvptool/subprocess/mldsa.go
+++ b/util/fipstools/acvp/acvptool/subprocess/mldsa.go
@@ -92,12 +92,12 @@
ID uint64 `json:"tgId"`
TestType string `json:"testType"`
ParameterSet string `json:"parameterSet"`
- PublicKey string `json:"pk"`
Tests []mldsaSigVerTest `json:"tests"`
}
type mldsaSigVerTest struct {
ID uint64 `json:"tcId"`
+ PublicKey string `json:"pk"`
Message string `json:"message"`
Signature string `json:"signature"`
}
@@ -254,13 +254,13 @@
}
cmdName := group.ParameterSet + "/sigVer"
- pk, err := hex.DecodeString(group.PublicKey)
- if err != nil {
- return nil, fmt.Errorf("failed to decode public key in group %d: %s",
- group.ID, err)
- }
-
for _, test := range group.Tests {
+ pk, err := hex.DecodeString(test.PublicKey)
+ if err != nil || len(pk) == 0 {
+ return nil, fmt.Errorf("failed to decode public key in test case %d/%d: %s",
+ group.ID, test.ID, err)
+ }
+
msg, err := hex.DecodeString(test.Message)
if err != nil {
return nil, fmt.Errorf("failed to decode message in test case %d/%d: %s",
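Review bot: In the added public-key check, `if err != nil || len(pk) == 0` reaches the same `fmt.Errorf` in both cases, so for an empty `test.PublicKey` (which hex.DecodeString accepts with a nil error) the `%s` verb is handed a nil `err` and the message ends in `%!s(<nil>)` rather than saying the key was empty. Splitting the two conditions gives each its own message, and `%w` instead of `%s` keeps the decode error reachable through errors.Is/As; the `%s` on the message-decode line just below predates this change and could be brought in line at the same time. The enclosing sigVer function starts and ends outside this hunk.
```go
for _, test := range group.Tests {
    pk, err := hex.DecodeString(test.PublicKey)
    if err != nil {
        return nil, fmt.Errorf("failed to decode public key in test case %d/%d: %w",
            group.ID, test.ID, err)
    }
    if len(pk) == 0 {
        return nil, fmt.Errorf("empty public key in test case %d/%d", group.ID, test.ID)
    }
    // … unchanged: message decode and the rest of the loop body …
```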
diff --git a/util/fipstools/acvp/acvptool/test/expected/ML-DSA.bz2 b/util/fipstools/acvp/acvptool/test/expected/ML-DSA.bz2
index 77290c1..cf13292 100644
--- a/util/fipstools/acvp/acvptool/test/expected/ML-DSA.bz2
+++ b/util/fipstools/acvp/acvptool/test/expected/ML-DSA.bz2
Binary files differ
diff --git a/util/fipstools/acvp/acvptool/test/vectors/ML-DSA.bz2 b/util/fipstools/acvp/acvptool/test/vectors/ML-DSA.bz2
index e4bcaa1..317dfec 100644
--- a/util/fipstools/acvp/acvptool/test/vectors/ML-DSA.bz2
+++ b/util/fipstools/acvp/acvptool/test/vectors/ML-DSA.bz2
Binary files differ
diff --git a/util/fipstools/acvp/modulewrapper/modulewrapper.cc b/util/fipstools/acvp/modulewrapper/modulewrapper.cc
index 831a998..3245ece 100644
--- a/util/fipstools/acvp/modulewrapper/modulewrapper.cc
+++ b/util/fipstools/acvp/modulewrapper/modulewrapper.cc
@@ -958,30 +958,42 @@
"algorithm": "ML-DSA",
"mode": "sigGen",
"revision": "FIPS204",
- "parameterSets": [
- "ML-DSA-65",
- "ML-DSA-87"
- ],
+ "signatureInterfaces": ["internal"],
"deterministic": [
true,
false
],
- "messageLength": [
- {
+ "externalMu": [
+ false
+ ],
+ "capabilities": [{
+ "parameterSets": [
+ "ML-DSA-65",
+ "ML-DSA-87"
+ ],
+ "messageLength": [{
"min": 8,
"max": 65536,
"increment": 8
- }
- ]
+ }]
+ }]
},
{
"algorithm": "ML-DSA",
"mode": "sigVer",
"revision": "FIPS204",
- "parameterSets": [
- "ML-DSA-65",
- "ML-DSA-87"
- ]
+ "signatureInterfaces": ["internal"],
+ "capabilities": [{
+ "messageLength": [{
+ "min": 8,
+ "max": 65536,
+ "increment": 8
+ }],
+ "parameterSets": [
+ "ML-DSA-65",
+ "ML-DSA-87"
+ ]
+ }]
},
{
"algorithm": "ML-KEM",
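Review bot: The two new ML-DSA `capabilities` entries list their members in different orders — the sigGen one (after `"capabilities": [{`) puts `parameterSets` before `messageLength`, the sigVer one puts `messageLength` first — and the SLH-DSA hunks below write the new value as `[ "internal" ]` while the ML-DSA entries use `["internal"]`. The JSON is equivalent either way since this is a literal handed to the ACVP server, but using one member order and one spacing makes the four registrations easy to diff against each other. Separately, `externalMu` is now declared only for sigGen; if the server also expects it on the sigVer registration for the internal interface, that would presumably show up as a registration rejection, so it is worth confirming against the current ML-DSA ACVP spec before landing.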
@@ -1021,6 +1033,7 @@
true,
false
],
+ "signatureInterfaces": [ "internal" ],
"capabilities": [
{
"parameterSets": [
@@ -1040,6 +1053,7 @@
"algorithm": "SLH-DSA",
"mode": "sigVer",
"revision": "FIPS205",
+ "signatureInterfaces": [ "internal" ],
"deterministic": [
true,
false