summaryrefslogtreecommitdiff
path: root/src/regress/lib/libcrypto/mlkem
diff options
context:
space:
mode:
Diffstat (limited to 'src/regress/lib/libcrypto/mlkem')
-rw-r--r--src/regress/lib/libcrypto/mlkem/mlkem_iteration_tests.c16
-rw-r--r--src/regress/lib/libcrypto/mlkem/mlkem_tests.c26
-rw-r--r--src/regress/lib/libcrypto/mlkem/mlkem_tests_util.c118
-rw-r--r--src/regress/lib/libcrypto/mlkem/mlkem_tests_util.h38
-rw-r--r--src/regress/lib/libcrypto/mlkem/mlkem_unittest.c70
-rw-r--r--src/regress/lib/libcrypto/mlkem/parse_test_file.c13
6 files changed, 122 insertions, 159 deletions
diff --git a/src/regress/lib/libcrypto/mlkem/mlkem_iteration_tests.c b/src/regress/lib/libcrypto/mlkem/mlkem_iteration_tests.c
index 5a61248090..b93243023c 100644
--- a/src/regress/lib/libcrypto/mlkem/mlkem_iteration_tests.c
+++ b/src/regress/lib/libcrypto/mlkem/mlkem_iteration_tests.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: mlkem_iteration_tests.c,v 1.2 2024/12/26 07:26:45 tb Exp $ */ 1/* $OpenBSD: mlkem_iteration_tests.c,v 1.5 2025/05/20 00:33:41 beck Exp $ */
2/* 2/*
3 * Copyright (c) 2024 Google Inc. 3 * Copyright (c) 2024 Google Inc.
4 * Copyright (c) 2024 Bob Beck <beck@obtuse.com> 4 * Copyright (c) 2024 Bob Beck <beck@obtuse.com>
@@ -73,7 +73,7 @@ struct iteration_ctx {
73 void *priv; 73 void *priv;
74 void *pub; 74 void *pub;
75 75
76 mlkem_encode_private_key_fn encode_private_key; 76 mlkem_marshal_private_key_fn marshal_private_key;
77 mlkem_encap_external_entropy_fn encap_external_entropy; 77 mlkem_encap_external_entropy_fn encap_external_entropy;
78 mlkem_generate_key_external_entropy_fn generate_key_external_entropy; 78 mlkem_generate_key_external_entropy_fn generate_key_external_entropy;
79 mlkem_public_from_private_fn public_from_private; 79 mlkem_public_from_private_fn public_from_private;
@@ -116,8 +116,10 @@ MlkemIterativeTest(struct iteration_ctx *ctx)
116 } 116 }
117 117
118 /* generate ek as encoded_public_key */ 118 /* generate ek as encoded_public_key */
119 ctx->generate_key_external_entropy(ctx->encoded_public_key, 119 if (!ctx->generate_key_external_entropy(ctx->encoded_public_key,
120 ctx->priv, seed); 120 ctx->priv, seed)) {
121 errx(1, "generate_key_external_entropy");
122 }
121 ctx->public_from_private(ctx->pub, ctx->priv); 123 ctx->public_from_private(ctx->pub, ctx->priv);
122 124
123 /* hash in ek */ 125 /* hash in ek */
@@ -125,7 +127,7 @@ MlkemIterativeTest(struct iteration_ctx *ctx)
125 ctx->encoded_public_key_len); 127 ctx->encoded_public_key_len);
126 128
127 /* marshal priv to dk as encoded_private_key */ 129 /* marshal priv to dk as encoded_private_key */
128 if (!ctx->encode_private_key(ctx->priv, &encoded_private_key, 130 if (!ctx->marshal_private_key(ctx->priv, &encoded_private_key,
129 &encoded_private_key_len)) 131 &encoded_private_key_len))
130 errx(1, "encode private key"); 132 errx(1, "encode private key");
131 133
@@ -183,7 +185,7 @@ main(void)
183 .priv = &priv768, 185 .priv = &priv768,
184 .pub = &pub768, 186 .pub = &pub768,
185 .encap_external_entropy = mlkem768_encap_external_entropy, 187 .encap_external_entropy = mlkem768_encap_external_entropy,
186 .encode_private_key = mlkem768_encode_private_key, 188 .marshal_private_key = mlkem768_marshal_private_key,
187 .generate_key_external_entropy = 189 .generate_key_external_entropy =
188 mlkem768_generate_key_external_entropy, 190 mlkem768_generate_key_external_entropy,
189 .public_from_private = mlkem768_public_from_private, 191 .public_from_private = mlkem768_public_from_private,
@@ -208,7 +210,7 @@ main(void)
208 .priv = &priv1024, 210 .priv = &priv1024,
209 .pub = &pub1024, 211 .pub = &pub1024,
210 .encap_external_entropy = mlkem1024_encap_external_entropy, 212 .encap_external_entropy = mlkem1024_encap_external_entropy,
211 .encode_private_key = mlkem1024_encode_private_key, 213 .marshal_private_key = mlkem1024_marshal_private_key,
212 .generate_key_external_entropy = 214 .generate_key_external_entropy =
213 mlkem1024_generate_key_external_entropy, 215 mlkem1024_generate_key_external_entropy,
214 .public_from_private = mlkem1024_public_from_private, 216 .public_from_private = mlkem1024_public_from_private,
diff --git a/src/regress/lib/libcrypto/mlkem/mlkem_tests.c b/src/regress/lib/libcrypto/mlkem/mlkem_tests.c
index 2801a58890..8e04dc6ad2 100644
--- a/src/regress/lib/libcrypto/mlkem/mlkem_tests.c
+++ b/src/regress/lib/libcrypto/mlkem/mlkem_tests.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: mlkem_tests.c,v 1.2 2024/12/26 00:10:19 tb Exp $ */ 1/* $OpenBSD: mlkem_tests.c,v 1.6 2025/05/20 00:33:41 beck Exp $ */
2/* 2/*
3 * Copyright (c) 2024 Google Inc. 3 * Copyright (c) 2024 Google Inc.
4 * Copyright (c) 2024 Theo Buehler <tb@openbsd.org> 4 * Copyright (c) 2024 Theo Buehler <tb@openbsd.org>
@@ -112,7 +112,8 @@ MlkemDecapFileTest(struct decap_ctx *decap)
112 parse_get_cbs(p, DECAP_PRIVATE_KEY, &private_key); 112 parse_get_cbs(p, DECAP_PRIVATE_KEY, &private_key);
113 parse_get_int(p, DECAP_RESULT, &should_fail); 113 parse_get_int(p, DECAP_RESULT, &should_fail);
114 114
115 if (!decap->parse_private_key(decap->private_key, &private_key)) { 115 if (!decap->parse_private_key(decap->private_key,
116 CBS_data(&private_key), CBS_len(&private_key))) {
116 if ((failed = !should_fail)) 117 if ((failed = !should_fail))
117 parse_info(p, "parse private key"); 118 parse_info(p, "parse private key");
118 goto err; 119 goto err;
@@ -207,7 +208,8 @@ MlkemNistDecapFileTest(struct decap_ctx *decap)
207 MLKEM_SHARED_SECRET_BYTES, CBS_len(&k))) 208 MLKEM_SHARED_SECRET_BYTES, CBS_len(&k)))
208 goto err; 209 goto err;
209 210
210 if (!decap->parse_private_key(decap->private_key, &dk)) { 211 if (!decap->parse_private_key(decap->private_key, CBS_data(&dk),
212 CBS_len(&dk))) {
211 parse_info(p, "parse private key"); 213 parse_info(p, "parse private key");
212 goto err; 214 goto err;
213 } 215 }
@@ -360,7 +362,8 @@ MlkemEncapFileTest(struct encap_ctx *encap)
360 parse_get_cbs(p, ENCAP_SHARED_SECRET, &shared_secret); 362 parse_get_cbs(p, ENCAP_SHARED_SECRET, &shared_secret);
361 parse_get_int(p, ENCAP_RESULT, &should_fail); 363 parse_get_int(p, ENCAP_RESULT, &should_fail);
362 364
363 if (!encap->parse_public_key(encap->public_key, &public_key)) { 365 if (!encap->parse_public_key(encap->public_key, CBS_data(&public_key),
366 CBS_len(&public_key))) {
364 if ((failed = !should_fail)) 367 if ((failed = !should_fail))
365 parse_info(p, "parse public key"); 368 parse_info(p, "parse public key");
366 goto err; 369 goto err;
@@ -441,7 +444,7 @@ struct keygen_ctx {
441 size_t public_key_len; 444 size_t public_key_len;
442 445
443 mlkem_generate_key_external_entropy_fn generate_key_external_entropy; 446 mlkem_generate_key_external_entropy_fn generate_key_external_entropy;
444 mlkem_encode_private_key_fn encode_private_key; 447 mlkem_marshal_private_key_fn marshal_private_key;
445}; 448};
446 449
447enum keygen_states { 450enum keygen_states {
@@ -512,7 +515,7 @@ MlkemKeygenFileTest(struct keygen_ctx *keygen)
512 515
513 keygen->generate_key_external_entropy(keygen->encoded_public_key, 516 keygen->generate_key_external_entropy(keygen->encoded_public_key,
514 keygen->private_key, CBS_data(&seed)); 517 keygen->private_key, CBS_data(&seed));
515 if (!keygen->encode_private_key(keygen->private_key, 518 if (!keygen->marshal_private_key(keygen->private_key,
516 &encoded_private_key, &encoded_private_key_len)) { 519 &encoded_private_key, &encoded_private_key_len)) {
517 parse_info(p, "encode private key"); 520 parse_info(p, "encode private key");
518 goto err; 521 goto err;
@@ -611,7 +614,7 @@ MlkemNistKeygenFileTest(struct keygen_ctx *keygen)
611 614
612 keygen->generate_key_external_entropy(keygen->encoded_public_key, 615 keygen->generate_key_external_entropy(keygen->encoded_public_key,
613 keygen->private_key, seed); 616 keygen->private_key, seed);
614 if (!keygen->encode_private_key(keygen->private_key, 617 if (!keygen->marshal_private_key(keygen->private_key,
615 &encoded_private_key, &encoded_private_key_len)) { 618 &encoded_private_key, &encoded_private_key_len)) {
616 parse_info(p, "encode private key"); 619 parse_info(p, "encode private key");
617 goto err; 620 goto err;
@@ -655,10 +658,11 @@ mlkem_keygen_tests(const char *fn, size_t size, enum test_type test_type)
655 .encoded_public_key_len = sizeof(encoded_public_key768), 658 .encoded_public_key_len = sizeof(encoded_public_key768),
656 .private_key_len = MLKEM768_PRIVATE_KEY_BYTES, 659 .private_key_len = MLKEM768_PRIVATE_KEY_BYTES,
657 .public_key_len = MLKEM768_PUBLIC_KEY_BYTES, 660 .public_key_len = MLKEM768_PUBLIC_KEY_BYTES,
661
658 .generate_key_external_entropy = 662 .generate_key_external_entropy =
659 mlkem768_generate_key_external_entropy, 663 mlkem768_generate_key_external_entropy,
660 .encode_private_key = 664 .marshal_private_key =
661 mlkem768_encode_private_key, 665 mlkem768_marshal_private_key,
662 }; 666 };
663 struct MLKEM1024_private_key private_key1024; 667 struct MLKEM1024_private_key private_key1024;
664 uint8_t encoded_public_key1024[MLKEM1024_PUBLIC_KEY_BYTES]; 668 uint8_t encoded_public_key1024[MLKEM1024_PUBLIC_KEY_BYTES];
@@ -671,8 +675,8 @@ mlkem_keygen_tests(const char *fn, size_t size, enum test_type test_type)
671 675
672 .generate_key_external_entropy = 676 .generate_key_external_entropy =
673 mlkem1024_generate_key_external_entropy, 677 mlkem1024_generate_key_external_entropy,
674 .encode_private_key = 678 .marshal_private_key =
675 mlkem1024_encode_private_key, 679 mlkem1024_marshal_private_key,
676 }; 680 };
677 681
678 if (size == 768 && test_type == TEST_TYPE_NORMAL) 682 if (size == 768 && test_type == TEST_TYPE_NORMAL)
diff --git a/src/regress/lib/libcrypto/mlkem/mlkem_tests_util.c b/src/regress/lib/libcrypto/mlkem/mlkem_tests_util.c
index 1bb2ed3a8b..68bd5d4871 100644
--- a/src/regress/lib/libcrypto/mlkem/mlkem_tests_util.c
+++ b/src/regress/lib/libcrypto/mlkem/mlkem_tests_util.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: mlkem_tests_util.c,v 1.5 2024/12/26 00:04:24 tb Exp $ */ 1/* $OpenBSD: mlkem_tests_util.c,v 1.8 2025/05/20 00:33:41 beck Exp $ */
2/* 2/*
3 * Copyright (c) 2024 Google Inc. 3 * Copyright (c) 2024 Google Inc.
4 * Copyright (c) 2024 Bob Beck <beck@obtuse.com> 4 * Copyright (c) 2024 Bob Beck <beck@obtuse.com>
@@ -61,91 +61,31 @@ compare_data(const uint8_t *want, const uint8_t *got, size_t len, const char *ms
61} 61}
62 62
63int 63int
64mlkem768_encode_private_key(const void *private_key, uint8_t **out_buf, 64mlkem768_marshal_private_key(const void *private_key, uint8_t **out_buf,
65 size_t *out_len) 65 size_t *out_len)
66{ 66{
67 CBB cbb; 67 return MLKEM768_marshal_private_key(private_key, out_buf, out_len);
68 int ret = 0;
69
70 if (!CBB_init(&cbb, MLKEM768_PUBLIC_KEY_BYTES))
71 goto err;
72 if (!MLKEM768_marshal_private_key(&cbb, private_key))
73 goto err;
74 if (!CBB_finish(&cbb, out_buf, out_len))
75 goto err;
76
77 ret = 1;
78
79 err:
80 CBB_cleanup(&cbb);
81
82 return ret;
83} 68}
84 69
85int 70int
86mlkem768_encode_public_key(const void *public_key, uint8_t **out_buf, 71mlkem768_marshal_public_key(const void *public_key, uint8_t **out_buf,
87 size_t *out_len) 72 size_t *out_len)
88{ 73{
89 CBB cbb; 74 return MLKEM768_marshal_public_key(out_buf, out_len, public_key);
90 int ret = 0;
91
92 if (!CBB_init(&cbb, MLKEM768_PUBLIC_KEY_BYTES))
93 goto err;
94 if (!MLKEM768_marshal_public_key(&cbb, public_key))
95 goto err;
96 if (!CBB_finish(&cbb, out_buf, out_len))
97 goto err;
98
99 ret = 1;
100
101 err:
102 CBB_cleanup(&cbb);
103
104 return ret;
105} 75}
106 76
107int 77int
108mlkem1024_encode_private_key(const void *private_key, uint8_t **out_buf, 78mlkem1024_marshal_private_key(const void *private_key, uint8_t **out_buf,
109 size_t *out_len) 79 size_t *out_len)
110{ 80{
111 CBB cbb; 81 return MLKEM1024_marshal_private_key(private_key, out_buf, out_len);
112 int ret = 0;
113
114 if (!CBB_init(&cbb, MLKEM1024_PUBLIC_KEY_BYTES))
115 goto err;
116 if (!MLKEM1024_marshal_private_key(&cbb, private_key))
117 goto err;
118 if (!CBB_finish(&cbb, out_buf, out_len))
119 goto err;
120
121 ret = 1;
122
123 err:
124 CBB_cleanup(&cbb);
125
126 return ret;
127} 82}
128 83
129int 84int
130mlkem1024_encode_public_key(const void *public_key, uint8_t **out_buf, 85mlkem1024_marshal_public_key(const void *public_key, uint8_t **out_buf,
131 size_t *out_len) 86 size_t *out_len)
132{ 87{
133 CBB cbb; 88 return MLKEM1024_marshal_public_key(out_buf, out_len, public_key);
134 int ret = 0;
135
136 if (!CBB_init(&cbb, MLKEM1024_PUBLIC_KEY_BYTES))
137 goto err;
138 if (!MLKEM1024_marshal_public_key(&cbb, public_key))
139 goto err;
140 if (!CBB_finish(&cbb, out_buf, out_len))
141 goto err;
142
143 ret = 1;
144
145 err:
146 CBB_cleanup(&cbb);
147
148 return ret;
149} 89}
150 90
151int 91int
@@ -173,32 +113,36 @@ mlkem768_encap_external_entropy(uint8_t *out_ciphertext,
173 public_key, entropy); 113 public_key, entropy);
174} 114}
175 115
176void 116int
177mlkem768_generate_key(uint8_t *out_encoded_public_key, 117mlkem768_generate_key(uint8_t *out_encoded_public_key,
178 uint8_t optional_out_seed[MLKEM_SEED_BYTES], void *out_private_key) 118 uint8_t optional_out_seed[MLKEM_SEED_BYTES], void *out_private_key)
179{ 119{
180 MLKEM768_generate_key(out_encoded_public_key, optional_out_seed, 120 return MLKEM768_generate_key(out_encoded_public_key, optional_out_seed,
181 out_private_key); 121 out_private_key);
182} 122}
183 123
184void 124int
185mlkem768_generate_key_external_entropy(uint8_t *out_encoded_public_key, 125mlkem768_generate_key_external_entropy(uint8_t *out_encoded_public_key,
186 void *out_private_key, const uint8_t entropy[MLKEM_SEED_BYTES]) 126 void *out_private_key, const uint8_t entropy[MLKEM_SEED_BYTES])
187{ 127{
188 MLKEM768_generate_key_external_entropy(out_encoded_public_key, 128 return MLKEM768_generate_key_external_entropy(out_encoded_public_key,
189 out_private_key, entropy); 129 out_private_key, entropy);
190} 130}
191 131
192int 132int
193mlkem768_parse_private_key(void *out_private_key, CBS *private_key_cbs) 133mlkem768_parse_private_key(void *out_private_key, const uint8_t *private_key,
134 size_t private_key_len)
194{ 135{
195 return MLKEM768_parse_private_key(out_private_key, private_key_cbs); 136 return MLKEM768_parse_private_key(out_private_key, private_key,
137 private_key_len);
196} 138}
197 139
198int 140int
199mlkem768_parse_public_key(void *out_public_key, CBS *public_key_cbs) 141mlkem768_parse_public_key(void *out_public_key, const uint8_t *public_key,
142 size_t public_key_len)
200{ 143{
201 return MLKEM768_parse_public_key(out_public_key, public_key_cbs); 144 return MLKEM768_parse_public_key(out_public_key, public_key,
145 public_key_len);
202} 146}
203 147
204void 148void
@@ -232,26 +176,28 @@ mlkem1024_encap_external_entropy(uint8_t *out_ciphertext,
232 public_key, entropy); 176 public_key, entropy);
233} 177}
234 178
235void 179int
236mlkem1024_generate_key(uint8_t *out_encoded_public_key, 180mlkem1024_generate_key(uint8_t *out_encoded_public_key,
237 uint8_t optional_out_seed[MLKEM_SEED_BYTES], void *out_private_key) 181 uint8_t optional_out_seed[MLKEM_SEED_BYTES], void *out_private_key)
238{ 182{
239 MLKEM1024_generate_key(out_encoded_public_key, optional_out_seed, 183 return MLKEM1024_generate_key(out_encoded_public_key, optional_out_seed,
240 out_private_key); 184 out_private_key);
241} 185}
242 186
243void 187int
244mlkem1024_generate_key_external_entropy(uint8_t *out_encoded_public_key, 188mlkem1024_generate_key_external_entropy(uint8_t *out_encoded_public_key,
245 void *out_private_key, const uint8_t entropy[MLKEM_SEED_BYTES]) 189 void *out_private_key, const uint8_t entropy[MLKEM_SEED_BYTES])
246{ 190{
247 MLKEM1024_generate_key_external_entropy(out_encoded_public_key, 191 return MLKEM1024_generate_key_external_entropy(out_encoded_public_key,
248 out_private_key, entropy); 192 out_private_key, entropy);
249} 193}
250 194
251int 195int
252mlkem1024_parse_private_key(void *out_private_key, CBS *private_key_cbs) 196mlkem1024_parse_private_key(void *out_private_key, const uint8_t *private_key,
197 size_t private_key_len)
253{ 198{
254 return MLKEM1024_parse_private_key(out_private_key, private_key_cbs); 199 return MLKEM1024_parse_private_key(out_private_key, private_key,
200 private_key_len);
255} 201}
256 202
257void 203void
@@ -261,7 +207,9 @@ mlkem1024_public_from_private(void *out_public_key, const void *private_key)
261} 207}
262 208
263int 209int
264mlkem1024_parse_public_key(void *out_public_key, CBS *public_key_cbs) 210mlkem1024_parse_public_key(void *out_public_key, const uint8_t *public_key,
211 size_t public_key_len)
265{ 212{
266 return MLKEM1024_parse_public_key(out_public_key, public_key_cbs); 213 return MLKEM1024_parse_public_key(out_public_key, public_key,
214 public_key_len);
267} 215}
diff --git a/src/regress/lib/libcrypto/mlkem/mlkem_tests_util.h b/src/regress/lib/libcrypto/mlkem/mlkem_tests_util.h
index 7fbe6f76a9..1235309f60 100644
--- a/src/regress/lib/libcrypto/mlkem/mlkem_tests_util.h
+++ b/src/regress/lib/libcrypto/mlkem/mlkem_tests_util.h
@@ -1,4 +1,4 @@
1/* $OpenBSD: mlkem_tests_util.h,v 1.4 2024/12/26 00:04:24 tb Exp $ */ 1/* $OpenBSD: mlkem_tests_util.h,v 1.7 2025/05/20 00:33:41 beck Exp $ */
2/* 2/*
3 * Copyright (c) 2024 Bob Beck <beck@obtuse.com> 3 * Copyright (c) 2024 Bob Beck <beck@obtuse.com>
4 * Copyright (c) 2024 Theo Buehler <tb@openbsd.org> 4 * Copyright (c) 2024 Theo Buehler <tb@openbsd.org>
@@ -30,13 +30,13 @@
30int compare_data(const uint8_t *want, const uint8_t *got, size_t len, 30int compare_data(const uint8_t *want, const uint8_t *got, size_t len,
31 const char *msg); 31 const char *msg);
32 32
33int mlkem768_encode_private_key(const void *priv, uint8_t **out_buf, 33int mlkem768_marshal_private_key(const void *priv, uint8_t **out_buf,
34 size_t *out_len); 34 size_t *out_len);
35int mlkem768_encode_public_key(const void *pub, uint8_t **out_buf, 35int mlkem768_marshal_public_key(const void *pub, uint8_t **out_buf,
36 size_t *out_len); 36 size_t *out_len);
37int mlkem1024_encode_private_key(const void *priv, uint8_t **out_buf, 37int mlkem1024_marshal_private_key(const void *priv, uint8_t **out_buf,
38 size_t *out_len); 38 size_t *out_len);
39int mlkem1024_encode_public_key(const void *pub, uint8_t **out_buf, 39int mlkem1024_marshal_public_key(const void *pub, uint8_t **out_buf,
40 size_t *out_len); 40 size_t *out_len);
41 41
42int mlkem768_decap(uint8_t out_shared_secret[MLKEM_SHARED_SECRET_BYTES], 42int mlkem768_decap(uint8_t out_shared_secret[MLKEM_SHARED_SECRET_BYTES],
@@ -46,12 +46,12 @@ void mlkem768_encap(uint8_t *out_ciphertext,
46void mlkem768_encap_external_entropy(uint8_t *out_ciphertext, 46void mlkem768_encap_external_entropy(uint8_t *out_ciphertext,
47 uint8_t out_shared_secret[MLKEM_SHARED_SECRET_BYTES], const void *pub, 47 uint8_t out_shared_secret[MLKEM_SHARED_SECRET_BYTES], const void *pub,
48 const uint8_t entropy[MLKEM_ENCAP_ENTROPY]); 48 const uint8_t entropy[MLKEM_ENCAP_ENTROPY]);
49void mlkem768_generate_key(uint8_t *out_encoded_public_key, 49int mlkem768_generate_key(uint8_t *out_encoded_public_key,
50 uint8_t optional_out_seed[MLKEM_SEED_BYTES], void *out_private_key); 50 uint8_t optional_out_seed[MLKEM_SEED_BYTES], void *out_private_key);
51void mlkem768_generate_key_external_entropy(uint8_t *out_encoded_public_key, 51int mlkem768_generate_key_external_entropy(uint8_t *out_encoded_public_key,
52 void *out_private_key, const uint8_t entropy[MLKEM_SEED_BYTES]); 52 void *out_private_key, const uint8_t entropy[MLKEM_SEED_BYTES]);
53int mlkem768_parse_private_key(void *priv, CBS *private_key_cbs); 53int mlkem768_parse_private_key(void *priv, const uint8_t *in, size_t in_len);
54int mlkem768_parse_public_key(void *pub, CBS *in); 54int mlkem768_parse_public_key(void *pub, const uint8_t *in, size_t in_len);
55void mlkem768_public_from_private(void *out_public_key, const void *private_key); 55void mlkem768_public_from_private(void *out_public_key, const void *private_key);
56 56
57int mlkem1024_decap(uint8_t out_shared_secret[MLKEM_SHARED_SECRET_BYTES], 57int mlkem1024_decap(uint8_t out_shared_secret[MLKEM_SHARED_SECRET_BYTES],
@@ -61,16 +61,16 @@ void mlkem1024_encap(uint8_t *out_ciphertext,
61void mlkem1024_encap_external_entropy(uint8_t *out_ciphertext, 61void mlkem1024_encap_external_entropy(uint8_t *out_ciphertext,
62 uint8_t out_shared_secret[MLKEM_SHARED_SECRET_BYTES], const void *pub, 62 uint8_t out_shared_secret[MLKEM_SHARED_SECRET_BYTES], const void *pub,
63 const uint8_t entropy[MLKEM_ENCAP_ENTROPY]); 63 const uint8_t entropy[MLKEM_ENCAP_ENTROPY]);
64void mlkem1024_generate_key(uint8_t *out_encoded_public_key, 64int mlkem1024_generate_key(uint8_t *out_encoded_public_key,
65 uint8_t optional_out_seed[MLKEM_SEED_BYTES], void *out_private_key); 65 uint8_t optional_out_seed[MLKEM_SEED_BYTES], void *out_private_key);
66void mlkem1024_generate_key_external_entropy(uint8_t *out_encoded_public_key, 66int mlkem1024_generate_key_external_entropy(uint8_t *out_encoded_public_key,
67 void *out_private_key, const uint8_t entropy[MLKEM_SEED_BYTES]); 67 void *out_private_key, const uint8_t entropy[MLKEM_SEED_BYTES]);
68int mlkem1024_parse_private_key(void *priv, CBS *private_key_cbs); 68int mlkem1024_parse_private_key(void *priv, const uint8_t *in, size_t in_len);
69int mlkem1024_parse_public_key(void *pub, CBS *in); 69int mlkem1024_parse_public_key(void *pub, const uint8_t *in, size_t in_len);
70void mlkem1024_public_from_private(void *out_public_key, const void *private_key); 70void mlkem1024_public_from_private(void *out_public_key, const void *private_key);
71 71
72typedef int (*mlkem_encode_private_key_fn)(const void *, uint8_t **, size_t *); 72typedef int (*mlkem_marshal_private_key_fn)(const void *, uint8_t **, size_t *);
73typedef int (*mlkem_encode_public_key_fn)(const void *, uint8_t **, size_t *); 73typedef int (*mlkem_marshal_public_key_fn)(const void *, uint8_t **, size_t *);
74typedef int (*mlkem_decap_fn)(uint8_t [MLKEM_SHARED_SECRET_BYTES], 74typedef int (*mlkem_decap_fn)(uint8_t [MLKEM_SHARED_SECRET_BYTES],
75 const uint8_t *, size_t, const void *); 75 const uint8_t *, size_t, const void *);
76typedef void (*mlkem_encap_fn)(uint8_t *, uint8_t [MLKEM_SHARED_SECRET_BYTES], 76typedef void (*mlkem_encap_fn)(uint8_t *, uint8_t [MLKEM_SHARED_SECRET_BYTES],
@@ -78,11 +78,11 @@ typedef void (*mlkem_encap_fn)(uint8_t *, uint8_t [MLKEM_SHARED_SECRET_BYTES],
78typedef void (*mlkem_encap_external_entropy_fn)(uint8_t *, 78typedef void (*mlkem_encap_external_entropy_fn)(uint8_t *,
79 uint8_t [MLKEM_SHARED_SECRET_BYTES], const void *, 79 uint8_t [MLKEM_SHARED_SECRET_BYTES], const void *,
80 const uint8_t [MLKEM_ENCAP_ENTROPY]); 80 const uint8_t [MLKEM_ENCAP_ENTROPY]);
81typedef void (*mlkem_generate_key_fn)(uint8_t *, uint8_t *, void *); 81typedef int (*mlkem_generate_key_fn)(uint8_t *, uint8_t *, void *);
82typedef void (*mlkem_generate_key_external_entropy_fn)(uint8_t *, void *, 82typedef int (*mlkem_generate_key_external_entropy_fn)(uint8_t *, void *,
83 const uint8_t [MLKEM_SEED_BYTES]); 83 const uint8_t [MLKEM_SEED_BYTES]);
84typedef int (*mlkem_parse_private_key_fn)(void *, CBS *); 84typedef int (*mlkem_parse_private_key_fn)(void *, const uint8_t *, size_t);
85typedef int (*mlkem_parse_public_key_fn)(void *, CBS *); 85typedef int (*mlkem_parse_public_key_fn)(void *, const uint8_t *, size_t);
86typedef void (*mlkem_public_from_private_fn)(void *out_public_key, 86typedef void (*mlkem_public_from_private_fn)(void *out_public_key,
87 const void *private_key); 87 const void *private_key);
88 88
diff --git a/src/regress/lib/libcrypto/mlkem/mlkem_unittest.c b/src/regress/lib/libcrypto/mlkem/mlkem_unittest.c
index 23b3d8b261..adb1c47d8e 100644
--- a/src/regress/lib/libcrypto/mlkem/mlkem_unittest.c
+++ b/src/regress/lib/libcrypto/mlkem/mlkem_unittest.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: mlkem_unittest.c,v 1.6 2024/12/26 12:35:25 tb Exp $ */ 1/* $OpenBSD: mlkem_unittest.c,v 1.11 2025/05/21 03:46:20 tb Exp $ */
2/* 2/*
3 * Copyright (c) 2024 Google Inc. 3 * Copyright (c) 2024 Google Inc.
4 * Copyright (c) 2024 Bob Beck <beck@obtuse.com> 4 * Copyright (c) 2024 Bob Beck <beck@obtuse.com>
@@ -41,8 +41,8 @@ struct unittest_ctx {
41 mlkem_generate_key_fn generate_key; 41 mlkem_generate_key_fn generate_key;
42 mlkem_parse_private_key_fn parse_private_key; 42 mlkem_parse_private_key_fn parse_private_key;
43 mlkem_parse_public_key_fn parse_public_key; 43 mlkem_parse_public_key_fn parse_public_key;
44 mlkem_encode_private_key_fn encode_private_key; 44 mlkem_marshal_private_key_fn marshal_private_key;
45 mlkem_encode_public_key_fn encode_public_key; 45 mlkem_marshal_public_key_fn marshal_public_key;
46 mlkem_public_from_private_fn public_from_private; 46 mlkem_public_from_private_fn public_from_private;
47}; 47};
48 48
@@ -54,36 +54,32 @@ MlKemUnitTest(struct unittest_ctx *ctx)
54 uint8_t first_two_bytes[2]; 54 uint8_t first_two_bytes[2];
55 uint8_t *encoded_private_key = NULL, *tmp_buf = NULL; 55 uint8_t *encoded_private_key = NULL, *tmp_buf = NULL;
56 size_t encoded_private_key_len, tmp_buf_len; 56 size_t encoded_private_key_len, tmp_buf_len;
57 CBS cbs;
58 int failed = 0; 57 int failed = 0;
59 58
60 ctx->generate_key(ctx->encoded_public_key, NULL, ctx->priv); 59 if (!ctx->generate_key(ctx->encoded_public_key, NULL, ctx->priv)) {
60 warnx("generate_key failed");
61 failed |= 1;
62 }
61 63
62 memcpy(first_two_bytes, ctx->encoded_public_key, sizeof(first_two_bytes)); 64 memcpy(first_two_bytes, ctx->encoded_public_key, sizeof(first_two_bytes));
63 memset(ctx->encoded_public_key, 0xff, sizeof(first_two_bytes)); 65 memset(ctx->encoded_public_key, 0xff, sizeof(first_two_bytes));
64 66
65 CBS_init(&cbs, ctx->encoded_public_key, ctx->encoded_public_key_len);
66
67 /* Parsing should fail because the first coefficient is >= kPrime. */ 67 /* Parsing should fail because the first coefficient is >= kPrime. */
68 if (ctx->parse_public_key(ctx->pub, &cbs)) { 68 if (ctx->parse_public_key(ctx->pub, ctx->encoded_public_key,
69 ctx->encoded_public_key_len)) {
69 warnx("parse_public_key should have failed"); 70 warnx("parse_public_key should have failed");
70 failed |= 1; 71 failed |= 1;
71 } 72 }
72 73
73 memcpy(ctx->encoded_public_key, first_two_bytes, sizeof(first_two_bytes)); 74 memcpy(ctx->encoded_public_key, first_two_bytes, sizeof(first_two_bytes));
74 CBS_init(&cbs, ctx->encoded_public_key, ctx->encoded_public_key_len); 75 if (!ctx->parse_public_key(ctx->pub, ctx->encoded_public_key,
75 if (!ctx->parse_public_key(ctx->pub, &cbs)) { 76 ctx->encoded_public_key_len)) {
76 warnx("MLKEM768_parse_public_key"); 77 warnx("MLKEM768_parse_public_key");
77 failed |= 1; 78 failed |= 1;
78 } 79 }
79 80
80 if (CBS_len(&cbs) != 0u) { 81 if (!ctx->marshal_public_key(ctx->pub, &tmp_buf, &tmp_buf_len)) {
81 warnx("CBS_len must be 0"); 82 warnx("marshal_public_key");
82 failed |= 1;
83 }
84
85 if (!ctx->encode_public_key(ctx->pub, &tmp_buf, &tmp_buf_len)) {
86 warnx("encode_public_key");
87 failed |= 1; 83 failed |= 1;
88 } 84 }
89 if (ctx->encoded_public_key_len != tmp_buf_len) { 85 if (ctx->encoded_public_key_len != tmp_buf_len) {
@@ -100,8 +96,8 @@ MlKemUnitTest(struct unittest_ctx *ctx)
100 tmp_buf = NULL; 96 tmp_buf = NULL;
101 97
102 ctx->public_from_private(ctx->pub2, ctx->priv); 98 ctx->public_from_private(ctx->pub2, ctx->priv);
103 if (!ctx->encode_public_key(ctx->pub2, &tmp_buf, &tmp_buf_len)) { 99 if (!ctx->marshal_public_key(ctx->pub2, &tmp_buf, &tmp_buf_len)) {
104 warnx("encode_public_key"); 100 warnx("marshal_public_key");
105 failed |= 1; 101 failed |= 1;
106 } 102 }
107 if (ctx->encoded_public_key_len != tmp_buf_len) { 103 if (ctx->encoded_public_key_len != tmp_buf_len) {
@@ -117,7 +113,7 @@ MlKemUnitTest(struct unittest_ctx *ctx)
117 free(tmp_buf); 113 free(tmp_buf);
118 tmp_buf = NULL; 114 tmp_buf = NULL;
119 115
120 if (!ctx->encode_private_key(ctx->priv, &encoded_private_key, 116 if (!ctx->marshal_private_key(ctx->priv, &encoded_private_key,
121 &encoded_private_key_len)) { 117 &encoded_private_key_len)) {
122 warnx("mlkem768_encode_private_key"); 118 warnx("mlkem768_encode_private_key");
123 failed |= 1; 119 failed |= 1;
@@ -125,23 +121,23 @@ MlKemUnitTest(struct unittest_ctx *ctx)
125 121
126 memcpy(first_two_bytes, encoded_private_key, sizeof(first_two_bytes)); 122 memcpy(first_two_bytes, encoded_private_key, sizeof(first_two_bytes));
127 memset(encoded_private_key, 0xff, sizeof(first_two_bytes)); 123 memset(encoded_private_key, 0xff, sizeof(first_two_bytes));
128 CBS_init(&cbs, encoded_private_key, encoded_private_key_len);
129 124
130 /* Parsing should fail because the first coefficient is >= kPrime. */ 125 /* Parsing should fail because the first coefficient is >= kPrime. */
131 if (ctx->parse_private_key(ctx->priv2, &cbs)) { 126 if (ctx->parse_private_key(ctx->priv2, encoded_private_key,
127 encoded_private_key_len)) {
132 warnx("MLKEM768_parse_private_key should have failed"); 128 warnx("MLKEM768_parse_private_key should have failed");
133 failed |= 1; 129 failed |= 1;
134 } 130 }
135 131
136 memcpy(encoded_private_key, first_two_bytes, sizeof(first_two_bytes)); 132 memcpy(encoded_private_key, first_two_bytes, sizeof(first_two_bytes));
137 CBS_init(&cbs, encoded_private_key, encoded_private_key_len);
138 133
139 if (!ctx->parse_private_key(ctx->priv2, &cbs)) { 134 if (!ctx->parse_private_key(ctx->priv2, encoded_private_key,
135 encoded_private_key_len)) {
140 warnx("MLKEM768_parse_private_key"); 136 warnx("MLKEM768_parse_private_key");
141 failed |= 1; 137 failed |= 1;
142 } 138 }
143 139
144 if (!ctx->encode_private_key(ctx->priv2, &tmp_buf, &tmp_buf_len)) { 140 if (!ctx->marshal_private_key(ctx->priv2, &tmp_buf, &tmp_buf_len)) {
145 warnx("encode_private_key"); 141 warnx("encode_private_key");
146 failed |= 1; 142 failed |= 1;
147 } 143 }
@@ -161,16 +157,22 @@ MlKemUnitTest(struct unittest_ctx *ctx)
161 tmp_buf = NULL; 157 tmp_buf = NULL;
162 158
163 ctx->encap(ctx->ciphertext, shared_secret1, ctx->pub); 159 ctx->encap(ctx->ciphertext, shared_secret1, ctx->pub);
164 ctx->decap(shared_secret2, ctx->ciphertext, ctx->ciphertext_len, 160 if (!ctx->decap(shared_secret2, ctx->ciphertext, ctx->ciphertext_len,
165 ctx->priv); 161 ctx->priv)) {
162 warnx("decap() failed using priv");
163 failed |= 1;
164 }
166 if (compare_data(shared_secret1, shared_secret2, MLKEM_SHARED_SECRET_BYTES, 165 if (compare_data(shared_secret1, shared_secret2, MLKEM_SHARED_SECRET_BYTES,
167 "shared secrets with priv") != 0) { 166 "shared secrets with priv") != 0) {
168 warnx("compare_data"); 167 warnx("compare_data");
169 failed |= 1; 168 failed |= 1;
170 } 169 }
171 170
172 ctx->decap(shared_secret2, ctx->ciphertext, ctx->ciphertext_len, 171 if (!ctx->decap(shared_secret2, ctx->ciphertext, ctx->ciphertext_len,
173 ctx->priv2); 172 ctx->priv2)) {
173 warnx("decap() failed using priv2");
174 failed |= 1;
175 }
174 if (compare_data(shared_secret1, shared_secret2, MLKEM_SHARED_SECRET_BYTES, 176 if (compare_data(shared_secret1, shared_secret2, MLKEM_SHARED_SECRET_BYTES,
175 "shared secrets with priv2") != 0) { 177 "shared secrets with priv2") != 0) {
176 warnx("compare_data"); 178 warnx("compare_data");
@@ -203,8 +205,8 @@ mlkem768_unittest(void)
203 .generate_key = mlkem768_generate_key, 205 .generate_key = mlkem768_generate_key,
204 .parse_private_key = mlkem768_parse_private_key, 206 .parse_private_key = mlkem768_parse_private_key,
205 .parse_public_key = mlkem768_parse_public_key, 207 .parse_public_key = mlkem768_parse_public_key,
206 .encode_private_key = mlkem768_encode_private_key, 208 .marshal_private_key = mlkem768_marshal_private_key,
207 .encode_public_key = mlkem768_encode_public_key, 209 .marshal_public_key = mlkem768_marshal_public_key,
208 .public_from_private = mlkem768_public_from_private, 210 .public_from_private = mlkem768_public_from_private,
209 }; 211 };
210 212
@@ -232,8 +234,8 @@ mlkem1024_unittest(void)
232 .generate_key = mlkem1024_generate_key, 234 .generate_key = mlkem1024_generate_key,
233 .parse_private_key = mlkem1024_parse_private_key, 235 .parse_private_key = mlkem1024_parse_private_key,
234 .parse_public_key = mlkem1024_parse_public_key, 236 .parse_public_key = mlkem1024_parse_public_key,
235 .encode_private_key = mlkem1024_encode_private_key, 237 .marshal_private_key = mlkem1024_marshal_private_key,
236 .encode_public_key = mlkem1024_encode_public_key, 238 .marshal_public_key = mlkem1024_marshal_public_key,
237 .public_from_private = mlkem1024_public_from_private, 239 .public_from_private = mlkem1024_public_from_private,
238 }; 240 };
239 241
@@ -248,7 +250,7 @@ main(void)
248 /* 250 /*
249 * XXX - this is split into two helper functions since having a few 251 * XXX - this is split into two helper functions since having a few
250 * ML-KEM key blobs on the stack makes Emscripten's stack explode, 252 * ML-KEM key blobs on the stack makes Emscripten's stack explode,
251 * leading to inscrutable silent failures unles ASAN is enabled. 253 * leading to inscrutable silent failures unless ASAN is enabled.
252 * Go figure. 254 * Go figure.
253 */ 255 */
254 256
diff --git a/src/regress/lib/libcrypto/mlkem/parse_test_file.c b/src/regress/lib/libcrypto/mlkem/parse_test_file.c
index 19f03439e2..9f3e5f3a1a 100644
--- a/src/regress/lib/libcrypto/mlkem/parse_test_file.c
+++ b/src/regress/lib/libcrypto/mlkem/parse_test_file.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: parse_test_file.c,v 1.3 2024/12/27 11:17:48 tb Exp $ */ 1/* $OpenBSD: parse_test_file.c,v 1.6 2025/06/03 10:29:37 tb Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 2024 Theo Buehler <tb@openbsd.org> 4 * Copyright (c) 2024 Theo Buehler <tb@openbsd.org>
@@ -47,6 +47,8 @@ static void
47line_data_clear(struct line_data *ld) 47line_data_clear(struct line_data *ld)
48{ 48{
49 freezero(ld->data, ld->data_len); 49 freezero(ld->data, ld->data_len);
50 /* The dereference isn't enough for silly old gcc 14. */
51 assert(ld != NULL);
50 explicit_bzero(ld, sizeof(*ld)); 52 explicit_bzero(ld, sizeof(*ld));
51} 53}
52 54
@@ -644,7 +646,8 @@ parse_reinit(struct parse *p)
644 p->state.running_test_case = 0; 646 p->state.running_test_case = 0;
645 parse_line_data_clear(p); 647 parse_line_data_clear(p);
646 tctx->finish(p->ctx); 648 tctx->finish(p->ctx);
647 tctx->init(p->ctx, p); 649 if (!tctx->init(p->ctx, p))
650 parse_errx(p, "init failed");
648} 651}
649 652
650static int 653static int
@@ -706,7 +709,8 @@ parse_init(struct parse *p, const char *fn, const struct test_parse *tctx,
706 parse_state_init(&p->state, tctx->num_states, tctx->num_instructions); 709 parse_state_init(&p->state, tctx->num_states, tctx->num_instructions);
707 p->tctx = tctx; 710 p->tctx = tctx;
708 p->ctx = ctx; 711 p->ctx = ctx;
709 tctx->init(ctx, p); 712 if (!tctx->init(p->ctx, p))
713 parse_errx(p, "init failed");
710} 714}
711 715
712static int 716static int
@@ -732,7 +736,10 @@ parse_next_line(struct parse *p)
732static void 736static void
733parse_finish(struct parse *p) 737parse_finish(struct parse *p)
734{ 738{
739 const struct test_parse *tctx = p->tctx;
740
735 parse_state_finish(&p->state); 741 parse_state_finish(&p->state);
742 tctx->finish(p->ctx);
736 743
737 free(p->buf); 744 free(p->buf);
738 745
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-08-14 14:25:49 +0000