1*e7be843bSPierre Pronchery#! /usr/bin/env perl 2*e7be843bSPierre Pronchery# Copyright 2024-2025 The OpenSSL Project Authors. All Rights Reserved. 3*e7be843bSPierre Pronchery# 4*e7be843bSPierre Pronchery# Licensed under the Apache License 2.0 (the "License"). You may not use 5*e7be843bSPierre Pronchery# this file except in compliance with the License. You can obtain a copy 6*e7be843bSPierre Pronchery# in the file LICENSE in the source distribution or at 7*e7be843bSPierre Pronchery# https://www.openssl.org/source/license.html 8*e7be843bSPierre Pronchery 9*e7be843bSPierre Proncheryuse strict; 10*e7be843bSPierre Proncheryuse warnings; 11*e7be843bSPierre Pronchery 12*e7be843bSPierre Proncheryuse OpenSSL::Test qw(:DEFAULT srctop_dir bldtop_dir srctop_file); 13*e7be843bSPierre Proncheryuse OpenSSL::Test::Utils; 14*e7be843bSPierre Pronchery 15*e7be843bSPierre ProncheryBEGIN { 16*e7be843bSPierre Pronchery setup("test_ml_dsa"); 17*e7be843bSPierre Pronchery} 18*e7be843bSPierre Pronchery 19*e7be843bSPierre Proncherymy $provconf = srctop_file("test", "fips-and-base.cnf"); 20*e7be843bSPierre Pronchery# fips will be added later 21*e7be843bSPierre Proncherymy $no_fips = disabled('fips') || ($ENV{NO_FIPS} // 0); 22*e7be843bSPierre Pronchery 23*e7be843bSPierre Proncheryuse lib srctop_dir('Configurations'); 24*e7be843bSPierre Proncheryuse lib bldtop_dir('.'); 25*e7be843bSPierre Pronchery 26*e7be843bSPierre Proncheryplan skip_all => 'ML-DSA is not supported in this build' if disabled('ml-dsa'); 27*e7be843bSPierre Proncheryplan tests => 12; 28*e7be843bSPierre Pronchery 29*e7be843bSPierre Proncheryrequire_ok(srctop_file('test','recipes','tconversion.pl')); 30*e7be843bSPierre Pronchery 31*e7be843bSPierre Proncherysubtest "ml-dsa-44 conversions using 'openssl pkey' -- private key" => sub { 32*e7be843bSPierre Pronchery tconversion( -type => "pkey", 33*e7be843bSPierre Pronchery -in => srctop_file("test","testmldsa44.pem"), 34*e7be843bSPierre Pronchery -prefix => "mldsa44-pkey-priv" ); 35*e7be843bSPierre Pronchery}; 36*e7be843bSPierre Proncherysubtest "ml-dsa-44 conversions using 'openssl pkey' -- pkcs8 key" => sub { 37*e7be843bSPierre Pronchery tconversion( -type => "pkey", 38*e7be843bSPierre Pronchery -in => srctop_file("test","testmldsa44.pem"), 39*e7be843bSPierre Pronchery -args => ["pkey"], 40*e7be843bSPierre Pronchery -prefix => "mldsa44-pkey-pkcs8" ); 41*e7be843bSPierre Pronchery}; 42*e7be843bSPierre Proncherysubtest "ml-dsa-44 conversions using 'openssl pkey' -- pub key" => sub { 43*e7be843bSPierre Pronchery tconversion( -type => "pkey", 44*e7be843bSPierre Pronchery -in => srctop_file("test","testmldsa44pub.pem"), 45*e7be843bSPierre Pronchery -args => ["pkey", "-pubin", "-pubout"], 46*e7be843bSPierre Pronchery -prefix => "mldsa44-pkey-pub" ); 47*e7be843bSPierre Pronchery}; 48*e7be843bSPierre Pronchery 49*e7be843bSPierre Proncherysubtest "ml-dsa-65 conversions using 'openssl pkey' -- private key" => sub { 50*e7be843bSPierre Pronchery tconversion( -type => "pkey", 51*e7be843bSPierre Pronchery -in => srctop_file("test","testmldsa65.pem"), 52*e7be843bSPierre Pronchery -prefix => "mldsa65-pkey-priv"); 53*e7be843bSPierre Pronchery}; 54*e7be843bSPierre Proncherysubtest "ml-dsa-65 conversions using 'openssl pkey' -- pkcs8 key" => sub { 55*e7be843bSPierre Pronchery tconversion( -type => "pkey", -in => srctop_file("test","testmldsa65.pem"), 56*e7be843bSPierre Pronchery -args => ["pkey"], -prefix => "mldsa65-pkey-pkcs8"); 57*e7be843bSPierre Pronchery}; 58*e7be843bSPierre Proncherysubtest "ml-dsa-65 conversions using 'openssl pkey' -- pub key" => sub { 59*e7be843bSPierre Pronchery tconversion( -type => "pkey", 60*e7be843bSPierre Pronchery -in => srctop_file("test","testmldsa65pub.pem"), 61*e7be843bSPierre Pronchery -args => ["pkey", "-pubin", "-pubout"], 62*e7be843bSPierre Pronchery -prefix => "mldsa65-pkey-pub" ); 63*e7be843bSPierre Pronchery}; 64*e7be843bSPierre Pronchery 65*e7be843bSPierre Proncherysubtest "ml-dsa-87 conversions using 'openssl pkey' -- private key" => sub { 66*e7be843bSPierre Pronchery tconversion( -type => "pkey", 67*e7be843bSPierre Pronchery -in => srctop_file("test","testmldsa87.pem"), 68*e7be843bSPierre Pronchery -prefix => "mldsa87-pkey-priv" ); 69*e7be843bSPierre Pronchery}; 70*e7be843bSPierre Proncherysubtest "ml-dsa-87 conversions using 'openssl pkey' -- pkcs8 key" => sub { 71*e7be843bSPierre Pronchery tconversion( -type => "pkey", 72*e7be843bSPierre Pronchery -in => srctop_file("test","testmldsa87.pem"), 73*e7be843bSPierre Pronchery -args => ["pkey"], 74*e7be843bSPierre Pronchery -prefix => "mldsa87-pkey-pkcs8" ); 75*e7be843bSPierre Pronchery}; 76*e7be843bSPierre Proncherysubtest "ml-dsa-87 conversions using 'openssl pkey' -- pub key" => sub { 77*e7be843bSPierre Pronchery tconversion( -type => "pkey", 78*e7be843bSPierre Pronchery -in => srctop_file("test","testmldsa87pub.pem"), 79*e7be843bSPierre Pronchery -args => ["pkey", "-pubin", "-pubout"], 80*e7be843bSPierre Pronchery -prefix => "mldsa87-pkey-pub" ); 81*e7be843bSPierre Pronchery}; 82*e7be843bSPierre Pronchery 83*e7be843bSPierre Proncheryok(run(test(["ml_dsa_test"])), "running ml_dsa_test"); 84*e7be843bSPierre Pronchery 85*e7be843bSPierre ProncherySKIP: { 86*e7be843bSPierre Pronchery skip "Skipping FIPS tests", 1 87*e7be843bSPierre Pronchery if $no_fips; 88*e7be843bSPierre Pronchery 89*e7be843bSPierre Pronchery # ML-DSA is only present after OpenSSL 3.5 90*e7be843bSPierre Pronchery run(test(["fips_version_test", "-config", $provconf, ">=3.5.0"]), 91*e7be843bSPierre Pronchery capture => 1, statusvar => \my $exit); 92*e7be843bSPierre Pronchery skip "FIPS provider version is too old for ML-DSA test", 1 93*e7be843bSPierre Pronchery if !$exit; 94*e7be843bSPierre Pronchery 95*e7be843bSPierre Pronchery ok(run(test(["ml_dsa_test", "-config", $provconf])), 96*e7be843bSPierre Pronchery "running ml_dsa_test with FIPS"); 97*e7be843bSPierre Pronchery} 98