Skip to content

Commit 6349d64

Browse files
[crypto/mldsa] ML-DSA-87 sign functest
This commit includes a functest for pure and pre-hash mode. Signed-off-by: Andrea Caforio <andrea.caforio@lowrisc.org>
1 parent 3da164c commit 6349d64

3 files changed

Lines changed: 4807 additions & 0 deletions

File tree

sw/device/tests/crypto/BUILD

Lines changed: 26 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -725,6 +725,32 @@ cc_library(
725725
],
726726
)
727727

728+
cc_library(
729+
name = "mldsa87_sign_testvectors",
730+
srcs = ["mldsa87_sign_testvectors.h"],
731+
deps = [
732+
"//sw/device/lib/crypto/impl:mldsa",
733+
],
734+
)
735+
736+
opentitan_test(
737+
name = "mldsa87_sign_functest",
738+
srcs = ["mldsa87_sign_functest.c"],
739+
exec_env = CRYPTOTEST_EXEC_ENVS,
740+
verilator = verilator_params(
741+
timeout = "long",
742+
),
743+
deps = [
744+
":mldsa87_sign_testvectors",
745+
"//sw/device/lib/crypto/drivers:kmac",
746+
"//sw/device/lib/crypto/impl:config",
747+
"//sw/device/lib/crypto/impl:integrity",
748+
"//sw/device/lib/crypto/impl:mldsa",
749+
"//sw/device/lib/testing:entropy_testutils",
750+
"//sw/device/lib/testing/test_framework:ottf_main",
751+
],
752+
)
753+
728754
opentitan_test(
729755
name = "mldsa87_verify_functest",
730756
srcs = ["mldsa87_verify_functest.c"],
Lines changed: 76 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,76 @@
1+
// Copyright lowRISC contributors (OpenTitan project).
2+
// Licensed under the Apache License, Version 2.0, see LICENSE for details.
3+
// SPDX-License-Identifier: Apache-2.0
4+
5+
#include "sw/device/lib/crypto/drivers/kmac.h"
6+
#include "sw/device/lib/crypto/include/config.h"
7+
#include "sw/device/lib/crypto/include/integrity.h"
8+
#include "sw/device/lib/crypto/include/mldsa.h"
9+
#include "sw/device/lib/testing/entropy_testutils.h"
10+
#include "sw/device/lib/testing/test_framework/ottf_main.h"
11+
#include "sw/device/tests/crypto/mldsa87_sign_testvectors.h"
12+
13+
/**
14+
* Execute a ML-DSA-87 signature generation.
15+
*/
16+
static status_t run_mldsa87_sign(const mldsa87_sign_testvector_t *vector) {
17+
otcrypto_blinded_key_t sk = {
18+
.config =
19+
{
20+
.version = kOtcryptoLibVersion1,
21+
.key_mode = kOtcryptoKeyModePqcMldsa87,
22+
.key_length = kOtcryptoMldsa87SkBytes,
23+
.hw_backed = kHardenedBoolFalse,
24+
.security_level = kOtcryptoKeySecurityLevelLow,
25+
},
26+
.keyblob_length = kOtcryptoMldsa87SkBytes,
27+
.keyblob = (unsigned int *)vector->sk,
28+
};
29+
sk.checksum = otcrypto_integrity_blinded_checksum(&sk);
30+
31+
otcrypto_const_byte_buf_t msg = OTCRYPTO_MAKE_BUF(
32+
otcrypto_const_byte_buf_t, vector->msg, vector->msg_len);
33+
otcrypto_const_byte_buf_t ctx = OTCRYPTO_MAKE_BUF(
34+
otcrypto_const_byte_buf_t, vector->ctx, vector->ctx_len);
35+
36+
uint32_t sig_data[kOtcryptoMldsa87SigWords];
37+
otcrypto_word32_buf_t sig = OTCRYPTO_MAKE_BUF(otcrypto_word32_buf_t, sig_data,
38+
kOtcryptoMldsa87SigWords);
39+
CHECK_STATUS_OK(otcrypto_mldsa87_sign(&sk, &msg, &ctx, vector->hash_mode,
40+
vector->sign_mode, &sig));
41+
42+
CHECK_ARRAYS_EQ(vector->sig, sig_data, kOtcryptoMldsa87SigWords);
43+
44+
return OTCRYPTO_OK;
45+
}
46+
47+
/**
48+
* Pure hashing mode.
49+
*/
50+
static status_t mldsa87_sign_pure_test(void) {
51+
return run_mldsa87_sign(
52+
&mldsa87_sign_testvectors[kMldsa87SignNistAcvp61Pure]);
53+
}
54+
55+
/**
56+
* Pre-hash mode.
57+
*/
58+
static status_t mldsa87_sign_pre_hash_test(void) {
59+
return run_mldsa87_sign(
60+
&mldsa87_sign_testvectors[kMldsa87SignNistAcvp76PreHashSha3_384]);
61+
}
62+
63+
OTTF_DEFINE_TEST_CONFIG();
64+
65+
bool test_main(void) {
66+
CHECK_STATUS_OK(entropy_testutils_auto_mode_init());
67+
CHECK_STATUS_OK(kmac_hwip_default_configure());
68+
69+
CHECK_STATUS_OK(otcrypto_init(kOtcryptoKeySecurityLevelLow));
70+
71+
status_t result = OK_STATUS();
72+
EXECUTE_TEST(result, mldsa87_sign_pure_test);
73+
EXECUTE_TEST(result, mldsa87_sign_pre_hash_test);
74+
75+
return status_ok(result);
76+
}

0 commit comments

Comments
 (0)