
Commit 91142e4

committed
Refactored seed only encoding.
Added Ops Test for seed only encoding.
1 parent 81be9c2 commit 91142e4


4 files changed

+337
-166
lines changed


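--- a/interface/CMakeLists.txt
+++ b/interface/CMakeLists.txt
@@ -100,6 +100,7 @@ if (${CMAKE_SYSTEM_NAME} STREQUAL "Darwin" AND ${BC_ARCH} STREQUAL "arm64")
 target_link_libraries(interface_jni PUBLIC "${OPENSSL_PREFIX}/${OPEN_SSL_LIB}")
 target_compile_options(interface_jni PRIVATE -Wall -Wextra -Wpedantic -O3)
 if (DEFINED ENV{JOSTLE_OPS_TEST})
+message("OPS Test Enabled")
 target_compile_definitions(interface_jni PUBLIC JOSTLE_OPS)
 endif ()
 
@@ -150,6 +151,7 @@ if (${CMAKE_SYSTEM_NAME} STREQUAL "Darwin" AND ${BC_ARCH} STREQUAL "arm64")
 target_link_libraries(interface_ffi PUBLIC "${OPENSSL_PREFIX}/${OPEN_SSL_LIB}")
 target_compile_options(interface_ffi PRIVATE -Wall -Wextra -Wpedantic -O3)
 if (DEFINED ENV{JOSTLE_OPS_TEST})
+message("OPS Test Enabled")
 target_compile_definitions(interface_ffi PUBLIC JOSTLE_OPS)
 endif ()
 
@@ -228,6 +230,7 @@ elseif (${CMAKE_SYSTEM_NAME} STREQUAL "Linux" AND
 target_link_libraries(interface_jni PUBLIC "${OPENSSL_PREFIX}/${OPEN_SSL_LIB}")
 target_compile_options(interface_jni PRIVATE -Wall -Wextra -Wpedantic -O3)
 if (DEFINED ENV{JOSTLE_OPS_TEST})
+message("OPS Test Enabled")
 target_compile_definitions(interface_jni PUBLIC JOSTLE_OPS)
 endif ()
 
@@ -279,6 +282,7 @@ elseif (${CMAKE_SYSTEM_NAME} STREQUAL "Linux" AND
 target_link_libraries(interface_ffi PUBLIC "${OPENSSL_PREFIX}/${OPEN_SSL_LIB}")
 target_compile_options(interface_ffi PRIVATE -Wall -Wextra -Wpedantic -O3)
 if (DEFINED ENV{JOSTLE_OPS_TEST})
+message("OPS Test Enabled")
 target_compile_definitions(interface_ffi PUBLIC JOSTLE_OPS)
 endif ()
 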
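Review bot: The added `message("OPS Test Enabled")` carries no mode keyword and does not name the target that receives `JOSTLE_OPS`, so it is easy to overlook in a build log; the same line is added in all four hunks. The definition is switched on by the mere presence of the `JOSTLE_OPS_TEST` environment variable and, judging by its use in `asn1_util.c`, appears to compile test-only failure hooks into the library. A louder form such as `message(WARNING "JOSTLE_OPS test hooks enabled for interface_jni")` would make a release build produced with that variable accidentally set visible. The enclosing `if`/`elseif` platform blocks start outside the hunks.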
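--- a/interface/util/asn1_util.c
+++ b/interface/util/asn1_util.c
@@ -76,186 +76,145 @@ int32_t asn1_writer_encode_public_key(asn1_ctx *ctx, key_spec *key_spec, size_t
 return 1;
 }
 
-static uint8_t mldsa44[] = {
-0x30, 0x34, 0x02, 0x01, 0x00, 0x30, 0x0b, 0x06, 0x09,
-0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x11,
-0x04, 0x22, 0x80, 0x20, 0xbf, 0x4a, 0xea, 0x44, 0x28,
-0xe8, 0x70, 0xa4, 0x30, 0x3e, 0x86, 0xb9, 0x91, 0x71,
-0x57, 0x2b, 0x39, 0xe3, 0x2c, 0x5a, 0x52, 0x14, 0x26,
-0x46, 0xbd, 0xaf, 0x35, 0xd7, 0xaa, 0x6d, 0x78, 0x0c
-
-}; // Seed at byte 22 for 32
-
-static uint8_t mldsa65[] = {
-0x30, 0x34, 0x02, 0x01, 0x00, 0x30, 0x0b, 0x06, 0x09,
-0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x12,
-0x04, 0x22, 0x80, 0x20, 0x4a, 0xe7, 0xbe, 0x75, 0x55,
-0x37, 0xfc, 0x5c, 0xdf, 0xde, 0x52, 0xa6, 0x71, 0xc7,
-0x07, 0xdb, 0xc1, 0x84, 0x98, 0xc9, 0xb4, 0x41, 0xa3,
-0xe4, 0x3c, 0x92, 0x9a, 0xc6, 0x3e, 0x51, 0x5f, 0x13
-};
-
-static uint8_t mldsa87[] = {
-0x30, 0x34, 0x02, 0x01, 0x00, 0x30, 0x0b, 0x06, 0x09,
-0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x03, 0x13,
-0x04, 0x22, 0x80, 0x20, 0x5b, 0x6a, 0x6d, 0x59, 0xaf,
-0x8b, 0x09, 0x18, 0xf6, 0x73, 0x9c, 0x86, 0xb3, 0x57,
-0x78, 0x1f, 0x90, 0x4f, 0x91, 0x71, 0x0a, 0x00, 0x70,
-0x0e, 0xa7, 0xf1, 0x34, 0xba, 0xb3, 0xd4, 0x3e, 0xec
-
-};
-
-
-static uint8_t mlkem512[] = {
-0x30, 0x54, 0x02, 0x01, 0x00, 0x30, 0x0b, 0x06, 0x09,
-0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x04, 0x01,
-0x04, 0x42, 0x80, 0x40, 0xa9, 0x9f, 0xb4, 0xeb, 0x19,
-0xf0, 0x71, 0x74, 0x2e, 0x77, 0x93, 0xc3, 0xdf, 0xf3,
-0x36, 0x3d, 0x76, 0x64, 0x41, 0x47, 0x55, 0x53, 0x26,
-0xf9, 0x0b, 0x33, 0x2b, 0x6a, 0x0b, 0x1e, 0x08, 0xca,
-0x60, 0x5e, 0x10, 0x87, 0x42, 0xa9, 0xa4, 0x16, 0xeb,
-0xec, 0x8f, 0xd2, 0x07, 0x4c, 0x63, 0xe6, 0xc1, 0x59,
-0x02, 0xbd, 0xf7, 0x03, 0x18, 0x81, 0xd0, 0x86, 0x18,
-0x5f, 0xaf, 0xa4, 0x53, 0x65
-
-};
-
-static uint8_t mlkem768[] = {
-0x30, 0x54, 0x02, 0x01, 0x00, 0x30, 0x0b, 0x06, 0x09,
-0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x04, 0x02,
-0x04, 0x42, 0x80, 0x40, 0xad, 0x8e, 0x66, 0x26, 0xf3,
-0x0e, 0xbb, 0x64, 0x5d, 0x46, 0x4f, 0x27, 0xe5, 0xd9,
-0x35, 0x5a, 0xc0, 0x33, 0x67, 0xfc, 0xc7, 0xaf, 0x7e,
-0x0b, 0xd8, 0x9e, 0x3d, 0xfb, 0x0a, 0xeb, 0x81, 0x25,
-0x04, 0xee, 0xef, 0x65, 0x16, 0xae, 0x75, 0xc4, 0x26,
-0xe4, 0x1b, 0xab, 0xb7, 0x15, 0x4f, 0xcd, 0x2a, 0xb4,
-0xce, 0x44, 0x90, 0xd1, 0x4a, 0x1c, 0xa7, 0x16, 0xed,
-0x59, 0x3e, 0x06, 0x84, 0x70
-}; // Seed at byte 22 for 64
-
-
-static uint8_t mlkem1024[] = {
-0x30, 0x54, 0x02, 0x01, 0x00, 0x30, 0x0b, 0x06, 0x09,
-0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x04, 0x03,
-0x04, 0x42, 0x80, 0x40, 0x63, 0xd5, 0x5c, 0xcf, 0x87,
-0x5f, 0x42, 0xd0, 0xf2, 0x5c, 0xee, 0xb5, 0x3e, 0x76,
-0x38, 0xef, 0x65, 0xb2, 0x32, 0x8b, 0xaf, 0x45, 0x27,
-0x10, 0x4d, 0x6d, 0x61, 0xb9, 0xe2, 0x7d, 0xeb, 0x4f,
-0x99, 0x3a, 0x0f, 0x33, 0xe9, 0x79, 0x15, 0x37, 0x11,
-0xa0, 0xdb, 0x9e, 0x5c, 0x3b, 0xf1, 0x9e, 0xb2, 0xcc,
-0xd0, 0x83, 0xbd, 0x4b, 0x5a, 0xa8, 0x16, 0x84, 0xb0,
-0x8e, 0xae, 0x48, 0xde, 0xe3
-
-};
+
+/**
+* Create a seed only encoding.
+* @param ctx
+* @param key_spec
+* @return 0 if there is a problem
+*/
+static int32_t seed_only_encoder(asn1_ctx *ctx, key_spec *key_spec) {
+// TODO Seed only encoding logic
+// Add logic to detect OpenSSL version and use that for seed only encoding.
+// Otherwise, default to using the templates.
+//
+
+if (EVP_PKEY_is_a(key_spec->key, "ML-DSA-44")) {
+uint8_t b[sizeof(mldsa44)];
+memcpy(b, mldsa44, sizeof(mldsa44));
+
+if (
+OPS_OPENSSL_ERROR_1 1 != EVP_PKEY_get_octet_string_param(
+key_spec->key,
+OSSL_PKEY_PARAM_ML_DSA_SEED, b + 22, 32, NULL)) {
+return 0;
+}
+
+if (OPS_OPENSSL_ERROR_2 BIO_write(ctx->buffer, b, sizeof(mldsa44)) < 0) {
+return 0;
+}
+OPENSSL_cleanse(b, sizeof(mldsa44));
+return 1;
+}
+
+if (EVP_PKEY_is_a(key_spec->key, "ML-DSA-65")) {
+uint8_t b[sizeof(mldsa65)];
+memcpy(b, mldsa65, sizeof(mldsa65));
+
+if (OPS_OPENSSL_ERROR_1
+1 != EVP_PKEY_get_octet_string_param(
+key_spec->key,
+OSSL_PKEY_PARAM_ML_DSA_SEED, b + 22, 32, NULL)) {
+return 0;
+}
+
+if (OPS_OPENSSL_ERROR_2 BIO_write(ctx->buffer, b, sizeof(mldsa65)) < 0) {
+return 0;
+}
+OPENSSL_cleanse(b, sizeof(mldsa65));
+return 1;
+}
+
+if (EVP_PKEY_is_a(key_spec->key, "ML-DSA-87")) {
+uint8_t b[sizeof(mldsa87)];
+memcpy(b, mldsa87, sizeof(mldsa87));
+
+if (OPS_OPENSSL_ERROR_1
+1 != EVP_PKEY_get_octet_string_param(
+key_spec->key,
+OSSL_PKEY_PARAM_ML_DSA_SEED, b + 22, 32, NULL)) {
+return 0;
+}
+
+if (OPS_OPENSSL_ERROR_2 BIO_write(ctx->buffer, b, sizeof(mldsa87)) < 0) {
+return 0;
+}
+OPENSSL_cleanse(b, sizeof(mldsa87));
+return 1;
+}
+
+if (EVP_PKEY_is_a(key_spec->key, "ML-KEM-512")) {
+uint8_t b[sizeof(mlkem512)];
+memcpy(b, mlkem512, sizeof(mlkem512));
+
+if (OPS_OPENSSL_ERROR_1
+1 != EVP_PKEY_get_octet_string_param(
+key_spec->key,
+OSSL_PKEY_PARAM_ML_DSA_SEED, b + 22, 64, NULL)) {
+return 0;
+}
+
+if (OPS_OPENSSL_ERROR_2 BIO_write(ctx->buffer, b, sizeof(mlkem512)) < 0) {
+return 0;
+}
+OPENSSL_cleanse(b, sizeof(mlkem512));
+return 1;
+}
+
+if (EVP_PKEY_is_a(key_spec->key, "ML-KEM-768")) {
+uint8_t b[sizeof(mlkem768)];
+memcpy(b, mlkem768, sizeof(mlkem768));
+
+if (OPS_OPENSSL_ERROR_1
+1 != EVP_PKEY_get_octet_string_param(
+key_spec->key,
+OSSL_PKEY_PARAM_ML_DSA_SEED, b + 22, 64, NULL)) {
+return 0;
+}
+
+if (OPS_OPENSSL_ERROR_2 BIO_write(ctx->buffer, b, sizeof(mlkem768)) < 0) {
+return 0;
+}
+OPENSSL_cleanse(b, sizeof(mlkem768));
+return 1;
+}
+
+if (EVP_PKEY_is_a(key_spec->key, "ML-KEM-1024")) {
+uint8_t b[sizeof(mlkem1024)];
+memcpy(b, mlkem1024, sizeof(mlkem1024));
+
+if (OPS_OPENSSL_ERROR_1
+1 != EVP_PKEY_get_octet_string_param(
+key_spec->key,
+OSSL_PKEY_PARAM_ML_DSA_SEED, b + 22, 64, NULL)) {
+return 0;
+}
+
+if (OPS_OPENSSL_ERROR_2 BIO_write(ctx->buffer, b, sizeof(mlkem1024)) < 0) {
+return 0;
+}
+OPENSSL_cleanse(b, sizeof(mlkem1024));
+return 1;
+}
+
+return 0;
+}
 
 
 int32_t asn1_writer_encode_private_key(asn1_ctx *ctx, key_spec *key_spec, size_t *buf_len, int encoding_option) {
 assert(ctx != NULL);
 assert(key_spec != NULL);
 assert(key_spec->key != NULL);
 
+
 switch (encoding_option) {
 case PRIVATE_KEY_DEFAULT_ENCODING:
 if (!i2d_PrivateKey_bio(ctx->buffer, key_spec->key)) {
 return 0;
 }
 break;
 case PRIVATE_KEY_SEED_ONLY_ENCODING:
-
-// NB hack until official support in OpenSSL
-// This is not intended to be robust implementation and will be replaced
-
-if (EVP_PKEY_is_a(key_spec->key, "ML-DSA-44")) {
-uint8_t b[sizeof(mldsa44)];
-memcpy(b, mldsa44, sizeof(mldsa44));
-
-if (
-1 != EVP_PKEY_get_octet_string_param(
-key_spec->key,
-OSSL_PKEY_PARAM_ML_DSA_SEED, b + 22, 32, NULL)) {
-return 0;
-}
-
-if (BIO_write(ctx->buffer, b, sizeof(mldsa44)) < 0) {
-return 0;
-}
-OPENSSL_cleanse(b, sizeof(mldsa44));
-} else if (EVP_PKEY_is_a(key_spec->key, "ML-DSA-65")) {
-uint8_t b[sizeof(mldsa65)];
-memcpy(b, mldsa65, sizeof(mldsa65));
-
-if (
-1 != EVP_PKEY_get_octet_string_param(
-key_spec->key,
-OSSL_PKEY_PARAM_ML_DSA_SEED, b + 22, 32, NULL)) {
-return 0;
-}
-
-if (BIO_write(ctx->buffer, b, sizeof(mldsa65)) < 0) {
-return 0;
-}
-OPENSSL_cleanse(b, sizeof(mldsa65));
-} else if (EVP_PKEY_is_a(key_spec->key, "ML-DSA-87")) {
-uint8_t b[sizeof(mldsa87)];
-memcpy(b, mldsa87, sizeof(mldsa87));
-
-if (
-1 != EVP_PKEY_get_octet_string_param(
-key_spec->key,
-OSSL_PKEY_PARAM_ML_DSA_SEED, b + 22, 32, NULL)) {
-return 0;
-}
-
-if (BIO_write(ctx->buffer, b, sizeof(mldsa87)) < 0) {
-return 0;
-}
-OPENSSL_cleanse(b, sizeof(mldsa87));
-} else if (EVP_PKEY_is_a(key_spec->key, "ML-KEM-512")) {
-uint8_t b[sizeof(mlkem512)];
-memcpy(b, mlkem512, sizeof(mlkem512));
-
-if (
-1 != EVP_PKEY_get_octet_string_param(
-key_spec->key,
-OSSL_PKEY_PARAM_ML_DSA_SEED, b + 22, 64, NULL)) {
-return JO_OPENSSL_ERROR;
-}
-
-if (BIO_write(ctx->buffer, b, sizeof(mlkem512)) < 0) {
-return 0;
-}
-OPENSSL_cleanse(b, sizeof(mlkem512));
-} else if (EVP_PKEY_is_a(key_spec->key, "ML-KEM-768")) {
-uint8_t b[sizeof(mlkem768)];
-memcpy(b, mlkem768, sizeof(mlkem768));
-
-if (
-1 != EVP_PKEY_get_octet_string_param(
-key_spec->key,
-OSSL_PKEY_PARAM_ML_DSA_SEED, b + 22, 64, NULL)) {
-return 0;
-}
-
-if (BIO_write(ctx->buffer, b, sizeof(mlkem768)) < 0) {
-return 0;
-}
-OPENSSL_cleanse(b, sizeof(mlkem768));
-} else if (EVP_PKEY_is_a(key_spec->key, "ML-KEM-1024")) {
-uint8_t b[sizeof(mlkem1024)];
-memcpy(b, mlkem1024, sizeof(mlkem1024));
-
-if (
-1 != EVP_PKEY_get_octet_string_param(
-key_spec->key,
-OSSL_PKEY_PARAM_ML_DSA_SEED, b + 22, 64, NULL)) {
-return 0;
-}
-
-if (BIO_write(ctx->buffer, b, sizeof(mlkem1024)) < 0) {
-return 0;
-}
-OPENSSL_cleanse(b, sizeof(mlkem1024));
-} else {
+if (!seed_only_encoder(ctx, key_spec)) {
 return 0;
 }
 break;
@@ -265,6 +224,7 @@ int32_t asn1_writer_encode_private_key(asn1_ctx *ctx, key_spec *key_spec, size_t
 
 
 *buf_len = BIO_get_mem_data(ctx->buffer, NULL);
+
 return 1;
 }
 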
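Review bot: Every early `return 0` in `seed_only_encoder` leaves the stack copy `b` uncleansed, so when `BIO_write` fails (or the `OPS_OPENSSL_ERROR_2` test path fires) the private seed just read into `b + 22` stays on the stack; the same holds in all six branches. Folding the branches into one helper with a single exit that always calls `OPENSSL_cleanse` removes both the duplication and the leftover seed, as sketched below. The helper also passes an `out_len` and compares it with the expected seed length, since with `NULL` a short read would leave the template's sample seed bytes in the output, and it checks `BIO_write` against the full length rather than `< 0`. The ML-KEM branches read the seed through `OSSL_PKEY_PARAM_ML_DSA_SEED`, which works only if both algorithms use the same parameter string; passing the ML-KEM name there (`OSSL_PKEY_PARAM_ML_KEM_SEED` in OpenSSL 3.5, to be confirmed against the headers in use) would not depend on that coincidence.

```c
enum { SEED_OFFSET = 22 }; /* seed position inside every template */

/* Copy a template, splice in the key's seed and write it out; b is cleansed on every exit. */
static int32_t write_seed_template(asn1_ctx *ctx, key_spec *key_spec, const char *seed_param,
                                   const uint8_t *tmpl, size_t tmpl_len, size_t seed_len) {
    uint8_t b[sizeof(mlkem1024)]; /* assumed to be the largest template; guarded below */
    size_t got = 0;
    int32_t ret = 0;

    if (tmpl_len > sizeof(b) || tmpl_len != SEED_OFFSET + seed_len) {
        return 0; /* nothing secret has been copied yet */
    }
    memcpy(b, tmpl, tmpl_len);

    if (OPS_OPENSSL_ERROR_1
        1 != EVP_PKEY_get_octet_string_param(key_spec->key, seed_param,
                                             b + SEED_OFFSET, seed_len, &got)) {
        goto done;
    }
    if (got != seed_len) {
        goto done; /* short read would leave template sample bytes in place */
    }
    if (OPS_OPENSSL_ERROR_2 BIO_write(ctx->buffer, b, (int) tmpl_len) != (int) tmpl_len) {
        goto done;
    }
    ret = 1;

done:
    OPENSSL_cleanse(b, sizeof(b));
    return ret;
}

static int32_t seed_only_encoder(asn1_ctx *ctx, key_spec *key_spec) {
    // … unchanged: TODO comment …
    if (EVP_PKEY_is_a(key_spec->key, "ML-DSA-44")) {
        return write_seed_template(ctx, key_spec, OSSL_PKEY_PARAM_ML_DSA_SEED,
                                   mldsa44, sizeof(mldsa44), 32);
    }
    // … same one-call form for ML-DSA-65/87 (32-byte seed) and ML-KEM-512/768/1024 (64-byte seed) …
    return 0;
}
```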