diff options
| author | tb <> | 2026-01-22 08:59:40 +0000 |
|---|---|---|
| committer | tb <> | 2026-01-22 08:59:40 +0000 |
| commit | 7230345c386ca08c3bd745cb449fc7fa99ee0081 (patch) | |
| tree | 84f06e7e462006f7756e63738ad247d3befe74cf /src | |
| parent | 28d8cf0bbfe2d8e27749a1453bd2771c8e41c31b (diff) | |
| download | openbsd-7230345c386ca08c3bd745cb449fc7fa99ee0081.tar.gz openbsd-7230345c386ca08c3bd745cb449fc7fa99ee0081.tar.bz2 openbsd-7230345c386ca08c3bd745cb449fc7fa99ee0081.zip | |
ML-KEM: don't treat API failure as test failure for invalid test cases
An update to the test vectors adds tests which verifies that the API
correctly rejects some inputs.
Diffstat (limited to 'src')
| -rw-r--r-- | src/regress/lib/libcrypto/wycheproof/wycheproof.go | 16 |
1 files changed, 11 insertions, 5 deletions
diff --git a/src/regress/lib/libcrypto/wycheproof/wycheproof.go b/src/regress/lib/libcrypto/wycheproof/wycheproof.go index 397958ac15..a204503c3e 100644 --- a/src/regress/lib/libcrypto/wycheproof/wycheproof.go +++ b/src/regress/lib/libcrypto/wycheproof/wycheproof.go | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: wycheproof.go,v 1.196 2026/01/01 12:47:52 tb Exp $ */ | 1 | /* $OpenBSD: wycheproof.go,v 1.197 2026/01/22 08:59:40 tb Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2018,2023 Joel Sing <jsing@openbsd.org> | 3 | * Copyright (c) 2018,2023 Joel Sing <jsing@openbsd.org> |
| 4 | * Copyright (c) 2018,2019,2022-2025 Theo Buehler <tb@openbsd.org> | 4 | * Copyright (c) 2018,2019,2022-2025 Theo Buehler <tb@openbsd.org> |
| @@ -2387,8 +2387,11 @@ func runMLKEMTestGroup(rank C.int, wt *wycheproofTestMLKEM) bool { | |||
| 2387 | ek, _ := mustDecodeHexString(wt.Ek, "ek") | 2387 | ek, _ := mustDecodeHexString(wt.Ek, "ek") |
| 2388 | 2388 | ||
| 2389 | if C.MLKEM_private_key_from_seed(privKey, (*C.uchar)(unsafe.Pointer(&seed[0])), C.size_t(seedLen)) != 1 { | 2389 | if C.MLKEM_private_key_from_seed(privKey, (*C.uchar)(unsafe.Pointer(&seed[0])), C.size_t(seedLen)) != 1 { |
| 2390 | fmt.Printf("%s - MLKEM_private_key_from_seed failed\n", wt) | 2390 | if wt.Result != "invalid" { |
| 2391 | return false | 2391 | fmt.Printf("%s - MLKEM_private_key_from_seed failed\n", wt) |
| 2392 | return false; | ||
| 2393 | } | ||
| 2394 | return true | ||
| 2392 | } | 2395 | } |
| 2393 | 2396 | ||
| 2394 | if C.MLKEM_public_from_private(privKey, pubKey) != 1 { | 2397 | if C.MLKEM_public_from_private(privKey, pubKey) != 1 { |
| @@ -2416,8 +2419,11 @@ func runMLKEMTestGroup(rank C.int, wt *wycheproofTestMLKEM) bool { | |||
| 2416 | var sharedSecretLen C.size_t | 2419 | var sharedSecretLen C.size_t |
| 2417 | defer C.free(unsafe.Pointer(sharedSecret)) | 2420 | defer C.free(unsafe.Pointer(sharedSecret)) |
| 2418 | if C.MLKEM_decap(privKey, (*C.uchar)(unsafe.Pointer(&c[0])), C.size_t(cLen), (**C.uchar)(unsafe.Pointer(&sharedSecret)), (*C.size_t)(unsafe.Pointer(&sharedSecretLen))) != 1 { | 2421 | if C.MLKEM_decap(privKey, (*C.uchar)(unsafe.Pointer(&c[0])), C.size_t(cLen), (**C.uchar)(unsafe.Pointer(&sharedSecret)), (*C.size_t)(unsafe.Pointer(&sharedSecretLen))) != 1 { |
| 2419 | fmt.Printf("%s - MLKEM_decap failed\n", wt) | 2422 | if wt.Result != "invalid" { |
| 2420 | return false | 2423 | fmt.Printf("%s - MLKEM_decap failed\n", wt) |
| 2424 | return false | ||
| 2425 | } | ||
| 2426 | return true | ||
| 2421 | } | 2427 | } |
| 2422 | gotK := unsafe.Slice((*byte)(unsafe.Pointer(sharedSecret)), sharedSecretLen) | 2428 | gotK := unsafe.Slice((*byte)(unsafe.Pointer(sharedSecret)), sharedSecretLen) |
| 2423 | 2429 | ||