Fix ML-DSA internal MU tests#964
Open
iomartin wants to merge 3 commits into
Open
Conversation
In deterministic mode, the "rnd_str" variable was not definied, so it was reused from the last iteration, producing wrong results.
When signatureInterface=internal and externalMu=false, the ACVP server provides M' directly and OpenSSL must not encode it. The current code was telling OpenSSL to encode it which caused all tested with internal Mu to fail.
Last commit fixed the problem that caused internal mu to fail. We can now test with both internal and external mu.
Contributor
|
Hello, Thank you very much for the explanation and fix! I am busy on some other work presently but wanted to drop in and acknowledge this - I will take a look at it in the next week or so hopefully. Thanks, |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR fixes a couple of issues with ML-DSA vectors.
The first, as described in #963, happens when we try to use internal MU for ML-DSA. This was caused because OpenSSL was encoding the message, which it shouldn't.
The second problem was caused by the order in which test groups were executed. When reading the request JSON, setting one of the variables could be skipped, which caused it to keep the value from the previous iteration, thus producing the wrong result.
With these two fixes, we can switch mu testing from EXTERNAL to BOTH.
It was tested with:
using OpenSSL 3.5.0.
Resolves: #963