From b5d568ea85f2380b8447d6b8b652e81e0cbdfb8d Mon Sep 17 00:00:00 2001 From: beck <> Date: Mon, 19 May 2025 06:47:40 +0000 Subject: API changes for ML-KEM - Get rid of CBB/CBS usage in public api - Make void functions return int that can fail if malloc fails. Along with some fallout and resulting bikeshedding in the regress tests. ok jsing@, tb@ --- .../lib/libcrypto/mlkem/mlkem_iteration_tests.c | 8 ++- src/regress/lib/libcrypto/mlkem/mlkem_tests.c | 11 +-- src/regress/lib/libcrypto/mlkem/mlkem_tests_util.c | 80 ++++++++-------------- src/regress/lib/libcrypto/mlkem/mlkem_tests_util.h | 32 ++++----- src/regress/lib/libcrypto/mlkem/mlkem_unittest.c | 44 ++++++------ 5 files changed, 77 insertions(+), 98 deletions(-) (limited to 'src/regress') diff --git a/src/regress/lib/libcrypto/mlkem/mlkem_iteration_tests.c b/src/regress/lib/libcrypto/mlkem/mlkem_iteration_tests.c index 5a61248090..a8495f55e3 100644 --- a/src/regress/lib/libcrypto/mlkem/mlkem_iteration_tests.c +++ b/src/regress/lib/libcrypto/mlkem/mlkem_iteration_tests.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mlkem_iteration_tests.c,v 1.2 2024/12/26 07:26:45 tb Exp $ */ +/* $OpenBSD: mlkem_iteration_tests.c,v 1.3 2025/05/19 06:47:40 beck Exp $ */ /* * Copyright (c) 2024 Google Inc. * Copyright (c) 2024 Bob Beck @@ -116,8 +116,10 @@ MlkemIterativeTest(struct iteration_ctx *ctx) } /* generate ek as encoded_public_key */ - ctx->generate_key_external_entropy(ctx->encoded_public_key, - ctx->priv, seed); + if (!ctx->generate_key_external_entropy(ctx->encoded_public_key, + ctx->priv, seed)) { + errx(1, "generate_key_external_entropy"); + } ctx->public_from_private(ctx->pub, ctx->priv); /* hash in ek */ diff --git a/src/regress/lib/libcrypto/mlkem/mlkem_tests.c b/src/regress/lib/libcrypto/mlkem/mlkem_tests.c index e9ae417887..a4e7208c76 100644 --- a/src/regress/lib/libcrypto/mlkem/mlkem_tests.c +++ b/src/regress/lib/libcrypto/mlkem/mlkem_tests.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mlkem_tests.c,v 1.3 2025/05/03 08:34:07 tb Exp $ */ +/* $OpenBSD: mlkem_tests.c,v 1.4 2025/05/19 06:47:40 beck Exp $ */ /* * Copyright (c) 2024 Google Inc. * Copyright (c) 2024 Theo Buehler @@ -112,7 +112,8 @@ MlkemDecapFileTest(struct decap_ctx *decap) parse_get_cbs(p, DECAP_PRIVATE_KEY, &private_key); parse_get_int(p, DECAP_RESULT, &should_fail); - if (!decap->parse_private_key(decap->private_key, &private_key)) { + if (!decap->parse_private_key(decap->private_key, + CBS_data(&private_key), CBS_len(&private_key))) { if ((failed = !should_fail)) parse_info(p, "parse private key"); goto err; @@ -207,7 +208,8 @@ MlkemNistDecapFileTest(struct decap_ctx *decap) MLKEM_SHARED_SECRET_BYTES, CBS_len(&k))) goto err; - if (!decap->parse_private_key(decap->private_key, &dk)) { + if (!decap->parse_private_key(decap->private_key, CBS_data(&dk), + CBS_len(&dk))) { parse_info(p, "parse private key"); goto err; } @@ -360,7 +362,8 @@ MlkemEncapFileTest(struct encap_ctx *encap) parse_get_cbs(p, ENCAP_SHARED_SECRET, &shared_secret); parse_get_int(p, ENCAP_RESULT, &should_fail); - if (!encap->parse_public_key(encap->public_key, &public_key)) { + if (!encap->parse_public_key(encap->public_key, CBS_data(&public_key), + CBS_len(&public_key))) { if ((failed = !should_fail)) parse_info(p, "parse public key"); goto err; diff --git a/src/regress/lib/libcrypto/mlkem/mlkem_tests_util.c b/src/regress/lib/libcrypto/mlkem/mlkem_tests_util.c index 1bb2ed3a8b..8677713c8e 100644 --- a/src/regress/lib/libcrypto/mlkem/mlkem_tests_util.c +++ b/src/regress/lib/libcrypto/mlkem/mlkem_tests_util.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mlkem_tests_util.c,v 1.5 2024/12/26 00:04:24 tb Exp $ */ +/* $OpenBSD: mlkem_tests_util.c,v 1.6 2025/05/19 06:47:40 beck Exp $ */ /* * Copyright (c) 2024 Google Inc. * Copyright (c) 2024 Bob Beck @@ -83,25 +83,10 @@ mlkem768_encode_private_key(const void *private_key, uint8_t **out_buf, } int -mlkem768_encode_public_key(const void *public_key, uint8_t **out_buf, +mlkem768_marshal_public_key(const void *public_key, uint8_t **out_buf, size_t *out_len) { - CBB cbb; - int ret = 0; - - if (!CBB_init(&cbb, MLKEM768_PUBLIC_KEY_BYTES)) - goto err; - if (!MLKEM768_marshal_public_key(&cbb, public_key)) - goto err; - if (!CBB_finish(&cbb, out_buf, out_len)) - goto err; - - ret = 1; - - err: - CBB_cleanup(&cbb); - - return ret; + return MLKEM768_marshal_public_key(out_buf, out_len, public_key); } int @@ -127,25 +112,10 @@ mlkem1024_encode_private_key(const void *private_key, uint8_t **out_buf, } int -mlkem1024_encode_public_key(const void *public_key, uint8_t **out_buf, +mlkem1024_marshal_public_key(const void *public_key, uint8_t **out_buf, size_t *out_len) { - CBB cbb; - int ret = 0; - - if (!CBB_init(&cbb, MLKEM1024_PUBLIC_KEY_BYTES)) - goto err; - if (!MLKEM1024_marshal_public_key(&cbb, public_key)) - goto err; - if (!CBB_finish(&cbb, out_buf, out_len)) - goto err; - - ret = 1; - - err: - CBB_cleanup(&cbb); - - return ret; + return MLKEM1024_marshal_public_key(out_buf, out_len, public_key); } int @@ -173,32 +143,36 @@ mlkem768_encap_external_entropy(uint8_t *out_ciphertext, public_key, entropy); } -void +int mlkem768_generate_key(uint8_t *out_encoded_public_key, uint8_t optional_out_seed[MLKEM_SEED_BYTES], void *out_private_key) { - MLKEM768_generate_key(out_encoded_public_key, optional_out_seed, + return MLKEM768_generate_key(out_encoded_public_key, optional_out_seed, out_private_key); } -void +int mlkem768_generate_key_external_entropy(uint8_t *out_encoded_public_key, void *out_private_key, const uint8_t entropy[MLKEM_SEED_BYTES]) { - MLKEM768_generate_key_external_entropy(out_encoded_public_key, + return MLKEM768_generate_key_external_entropy(out_encoded_public_key, out_private_key, entropy); } int -mlkem768_parse_private_key(void *out_private_key, CBS *private_key_cbs) +mlkem768_parse_private_key(void *out_private_key, const uint8_t *private_key, + size_t private_key_len) { - return MLKEM768_parse_private_key(out_private_key, private_key_cbs); + return MLKEM768_parse_private_key(out_private_key, private_key, + private_key_len); } int -mlkem768_parse_public_key(void *out_public_key, CBS *public_key_cbs) +mlkem768_parse_public_key(void *out_public_key, const uint8_t *public_key, + size_t public_key_len) { - return MLKEM768_parse_public_key(out_public_key, public_key_cbs); + return MLKEM768_parse_public_key(out_public_key, public_key, + public_key_len); } void @@ -232,26 +206,28 @@ mlkem1024_encap_external_entropy(uint8_t *out_ciphertext, public_key, entropy); } -void +int mlkem1024_generate_key(uint8_t *out_encoded_public_key, uint8_t optional_out_seed[MLKEM_SEED_BYTES], void *out_private_key) { - MLKEM1024_generate_key(out_encoded_public_key, optional_out_seed, + return MLKEM1024_generate_key(out_encoded_public_key, optional_out_seed, out_private_key); } -void +int mlkem1024_generate_key_external_entropy(uint8_t *out_encoded_public_key, void *out_private_key, const uint8_t entropy[MLKEM_SEED_BYTES]) { - MLKEM1024_generate_key_external_entropy(out_encoded_public_key, + return MLKEM1024_generate_key_external_entropy(out_encoded_public_key, out_private_key, entropy); } int -mlkem1024_parse_private_key(void *out_private_key, CBS *private_key_cbs) +mlkem1024_parse_private_key(void *out_private_key, const uint8_t *private_key, + size_t private_key_len) { - return MLKEM1024_parse_private_key(out_private_key, private_key_cbs); + return MLKEM1024_parse_private_key(out_private_key, private_key, + private_key_len); } void @@ -261,7 +237,9 @@ mlkem1024_public_from_private(void *out_public_key, const void *private_key) } int -mlkem1024_parse_public_key(void *out_public_key, CBS *public_key_cbs) +mlkem1024_parse_public_key(void *out_public_key, const uint8_t *public_key, + size_t public_key_len) { - return MLKEM1024_parse_public_key(out_public_key, public_key_cbs); + return MLKEM1024_parse_public_key(out_public_key, public_key, + public_key_len); } diff --git a/src/regress/lib/libcrypto/mlkem/mlkem_tests_util.h b/src/regress/lib/libcrypto/mlkem/mlkem_tests_util.h index 7fbe6f76a9..a3b255082f 100644 --- a/src/regress/lib/libcrypto/mlkem/mlkem_tests_util.h +++ b/src/regress/lib/libcrypto/mlkem/mlkem_tests_util.h @@ -1,4 +1,4 @@ -/* $OpenBSD: mlkem_tests_util.h,v 1.4 2024/12/26 00:04:24 tb Exp $ */ +/* $OpenBSD: mlkem_tests_util.h,v 1.5 2025/05/19 06:47:40 beck Exp $ */ /* * Copyright (c) 2024 Bob Beck * Copyright (c) 2024 Theo Buehler @@ -32,11 +32,11 @@ int compare_data(const uint8_t *want, const uint8_t *got, size_t len, int mlkem768_encode_private_key(const void *priv, uint8_t **out_buf, size_t *out_len); -int mlkem768_encode_public_key(const void *pub, uint8_t **out_buf, +int mlkem768_marshal_public_key(const void *pub, uint8_t **out_buf, size_t *out_len); int mlkem1024_encode_private_key(const void *priv, uint8_t **out_buf, size_t *out_len); -int mlkem1024_encode_public_key(const void *pub, uint8_t **out_buf, +int mlkem1024_marshal_public_key(const void *pub, uint8_t **out_buf, size_t *out_len); int mlkem768_decap(uint8_t out_shared_secret[MLKEM_SHARED_SECRET_BYTES], @@ -46,12 +46,12 @@ void mlkem768_encap(uint8_t *out_ciphertext, void mlkem768_encap_external_entropy(uint8_t *out_ciphertext, uint8_t out_shared_secret[MLKEM_SHARED_SECRET_BYTES], const void *pub, const uint8_t entropy[MLKEM_ENCAP_ENTROPY]); -void mlkem768_generate_key(uint8_t *out_encoded_public_key, +int mlkem768_generate_key(uint8_t *out_encoded_public_key, uint8_t optional_out_seed[MLKEM_SEED_BYTES], void *out_private_key); -void mlkem768_generate_key_external_entropy(uint8_t *out_encoded_public_key, +int mlkem768_generate_key_external_entropy(uint8_t *out_encoded_public_key, void *out_private_key, const uint8_t entropy[MLKEM_SEED_BYTES]); -int mlkem768_parse_private_key(void *priv, CBS *private_key_cbs); -int mlkem768_parse_public_key(void *pub, CBS *in); +int mlkem768_parse_private_key(void *priv, const uint8_t *in, size_t in_len); +int mlkem768_parse_public_key(void *pub, const uint8_t *in, size_t in_len); void mlkem768_public_from_private(void *out_public_key, const void *private_key); int mlkem1024_decap(uint8_t out_shared_secret[MLKEM_SHARED_SECRET_BYTES], @@ -61,16 +61,16 @@ void mlkem1024_encap(uint8_t *out_ciphertext, void mlkem1024_encap_external_entropy(uint8_t *out_ciphertext, uint8_t out_shared_secret[MLKEM_SHARED_SECRET_BYTES], const void *pub, const uint8_t entropy[MLKEM_ENCAP_ENTROPY]); -void mlkem1024_generate_key(uint8_t *out_encoded_public_key, +int mlkem1024_generate_key(uint8_t *out_encoded_public_key, uint8_t optional_out_seed[MLKEM_SEED_BYTES], void *out_private_key); -void mlkem1024_generate_key_external_entropy(uint8_t *out_encoded_public_key, +int mlkem1024_generate_key_external_entropy(uint8_t *out_encoded_public_key, void *out_private_key, const uint8_t entropy[MLKEM_SEED_BYTES]); -int mlkem1024_parse_private_key(void *priv, CBS *private_key_cbs); -int mlkem1024_parse_public_key(void *pub, CBS *in); +int mlkem1024_parse_private_key(void *priv, const uint8_t *in, size_t in_len); +int mlkem1024_parse_public_key(void *pub, const uint8_t *in, size_t in_len); void mlkem1024_public_from_private(void *out_public_key, const void *private_key); typedef int (*mlkem_encode_private_key_fn)(const void *, uint8_t **, size_t *); -typedef int (*mlkem_encode_public_key_fn)(const void *, uint8_t **, size_t *); +typedef int (*mlkem_marshal_public_key_fn)(const void *, uint8_t **, size_t *); typedef int (*mlkem_decap_fn)(uint8_t [MLKEM_SHARED_SECRET_BYTES], const uint8_t *, size_t, const void *); typedef void (*mlkem_encap_fn)(uint8_t *, uint8_t [MLKEM_SHARED_SECRET_BYTES], @@ -78,11 +78,11 @@ typedef void (*mlkem_encap_fn)(uint8_t *, uint8_t [MLKEM_SHARED_SECRET_BYTES], typedef void (*mlkem_encap_external_entropy_fn)(uint8_t *, uint8_t [MLKEM_SHARED_SECRET_BYTES], const void *, const uint8_t [MLKEM_ENCAP_ENTROPY]); -typedef void (*mlkem_generate_key_fn)(uint8_t *, uint8_t *, void *); -typedef void (*mlkem_generate_key_external_entropy_fn)(uint8_t *, void *, +typedef int (*mlkem_generate_key_fn)(uint8_t *, uint8_t *, void *); +typedef int (*mlkem_generate_key_external_entropy_fn)(uint8_t *, void *, const uint8_t [MLKEM_SEED_BYTES]); -typedef int (*mlkem_parse_private_key_fn)(void *, CBS *); -typedef int (*mlkem_parse_public_key_fn)(void *, CBS *); +typedef int (*mlkem_parse_private_key_fn)(void *, const uint8_t *, size_t); +typedef int (*mlkem_parse_public_key_fn)(void *, const uint8_t *, size_t); typedef void (*mlkem_public_from_private_fn)(void *out_public_key, const void *private_key); diff --git a/src/regress/lib/libcrypto/mlkem/mlkem_unittest.c b/src/regress/lib/libcrypto/mlkem/mlkem_unittest.c index 597297b8cc..a1adc88569 100644 --- a/src/regress/lib/libcrypto/mlkem/mlkem_unittest.c +++ b/src/regress/lib/libcrypto/mlkem/mlkem_unittest.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mlkem_unittest.c,v 1.7 2025/05/03 08:34:55 tb Exp $ */ +/* $OpenBSD: mlkem_unittest.c,v 1.8 2025/05/19 06:47:40 beck Exp $ */ /* * Copyright (c) 2024 Google Inc. * Copyright (c) 2024 Bob Beck @@ -42,7 +42,7 @@ struct unittest_ctx { mlkem_parse_private_key_fn parse_private_key; mlkem_parse_public_key_fn parse_public_key; mlkem_encode_private_key_fn encode_private_key; - mlkem_encode_public_key_fn encode_public_key; + mlkem_marshal_public_key_fn marshal_public_key; mlkem_public_from_private_fn public_from_private; }; @@ -54,36 +54,32 @@ MlKemUnitTest(struct unittest_ctx *ctx) uint8_t first_two_bytes[2]; uint8_t *encoded_private_key = NULL, *tmp_buf = NULL; size_t encoded_private_key_len, tmp_buf_len; - CBS cbs; int failed = 0; - ctx->generate_key(ctx->encoded_public_key, NULL, ctx->priv); + if (!ctx->generate_key(ctx->encoded_public_key, NULL, ctx->priv)) { + warnx("generate_key failed"); + failed |= 1; + } memcpy(first_two_bytes, ctx->encoded_public_key, sizeof(first_two_bytes)); memset(ctx->encoded_public_key, 0xff, sizeof(first_two_bytes)); - CBS_init(&cbs, ctx->encoded_public_key, ctx->encoded_public_key_len); - /* Parsing should fail because the first coefficient is >= kPrime. */ - if (ctx->parse_public_key(ctx->pub, &cbs)) { + if (ctx->parse_public_key(ctx->pub, ctx->encoded_public_key, + ctx->encoded_public_key_len)) { warnx("parse_public_key should have failed"); failed |= 1; } memcpy(ctx->encoded_public_key, first_two_bytes, sizeof(first_two_bytes)); - CBS_init(&cbs, ctx->encoded_public_key, ctx->encoded_public_key_len); - if (!ctx->parse_public_key(ctx->pub, &cbs)) { + if (!ctx->parse_public_key(ctx->pub, ctx->encoded_public_key, + ctx->encoded_public_key_len)) { warnx("MLKEM768_parse_public_key"); failed |= 1; } - if (CBS_len(&cbs) != 0u) { - warnx("CBS_len must be 0"); - failed |= 1; - } - - if (!ctx->encode_public_key(ctx->pub, &tmp_buf, &tmp_buf_len)) { - warnx("encode_public_key"); + if (!ctx->marshal_public_key(ctx->pub, &tmp_buf, &tmp_buf_len)) { + warnx("marshal_public_key"); failed |= 1; } if (ctx->encoded_public_key_len != tmp_buf_len) { @@ -100,8 +96,8 @@ MlKemUnitTest(struct unittest_ctx *ctx) tmp_buf = NULL; ctx->public_from_private(ctx->pub2, ctx->priv); - if (!ctx->encode_public_key(ctx->pub2, &tmp_buf, &tmp_buf_len)) { - warnx("encode_public_key"); + if (!ctx->marshal_public_key(ctx->pub2, &tmp_buf, &tmp_buf_len)) { + warnx("marshal_public_key"); failed |= 1; } if (ctx->encoded_public_key_len != tmp_buf_len) { @@ -125,18 +121,18 @@ MlKemUnitTest(struct unittest_ctx *ctx) memcpy(first_two_bytes, encoded_private_key, sizeof(first_two_bytes)); memset(encoded_private_key, 0xff, sizeof(first_two_bytes)); - CBS_init(&cbs, encoded_private_key, encoded_private_key_len); /* Parsing should fail because the first coefficient is >= kPrime. */ - if (ctx->parse_private_key(ctx->priv2, &cbs)) { + if (ctx->parse_private_key(ctx->priv2, encoded_private_key, + encoded_private_key_len)) { warnx("MLKEM768_parse_private_key should have failed"); failed |= 1; } memcpy(encoded_private_key, first_two_bytes, sizeof(first_two_bytes)); - CBS_init(&cbs, encoded_private_key, encoded_private_key_len); - if (!ctx->parse_private_key(ctx->priv2, &cbs)) { + if (!ctx->parse_private_key(ctx->priv2, encoded_private_key, + encoded_private_key_len)) { warnx("MLKEM768_parse_private_key"); failed |= 1; } @@ -210,7 +206,7 @@ mlkem768_unittest(void) .parse_private_key = mlkem768_parse_private_key, .parse_public_key = mlkem768_parse_public_key, .encode_private_key = mlkem768_encode_private_key, - .encode_public_key = mlkem768_encode_public_key, + .marshal_public_key = mlkem768_marshal_public_key, .public_from_private = mlkem768_public_from_private, }; @@ -239,7 +235,7 @@ mlkem1024_unittest(void) .parse_private_key = mlkem1024_parse_private_key, .parse_public_key = mlkem1024_parse_public_key, .encode_private_key = mlkem1024_encode_private_key, - .encode_public_key = mlkem1024_encode_public_key, + .marshal_public_key = mlkem1024_marshal_public_key, .public_from_private = mlkem1024_public_from_private, }; -- cgit v1.2.3-55-g6feb