Change MLDSA to MLDSA65
fpseverino committed Dec 12, 2024
1 parent aae10bf commit c820d7a
Showing 3 changed files with 40 additions and 40 deletions.
4 changes: 2 additions & 2 deletions Sources/_CryptoExtras/CMakeLists.txt
Expand Up @@ -32,7 +32,7 @@ add_library(_CryptoExtras
"Key Derivation/PBKDF2/PBKDF2.swift"
"Key Derivation/Scrypt/BoringSSL/Scrypt_boring.swift"
"Key Derivation/Scrypt/Scrypt.swift"
"MLDSA/MLDSA_boring.swift"
"MLDSA/MLDSA65_boring.swift"
"OPRFs/OPRF.swift"
"OPRFs/OPRFClient.swift"
"OPRFs/OPRFServer.swift"
Expand All @@ -47,8 +47,8 @@ add_library(_CryptoExtras
"Util/CryptoKitErrors_boring.swift"
"Util/DigestType.swift"
"Util/Error.swift"
"Util/Optional+withUnsafeBytes.swift"
"Util/I2OSP.swift"
"Util/Optional+withUnsafeBytes.swift"
"Util/PEMDocument.swift"
"Util/PrettyBytes.swift"
"Util/SubjectPublicKeyInfo.swift"
Expand Up @@ -17,9 +17,9 @@ import Crypto
import Foundation

/// A module-lattice-based digital signature algorithm that provides security against quantum computing attacks.
public enum MLDSA {}
public enum MLDSA65 {}

extension MLDSA {
extension MLDSA65 {
/// A ML-DSA-65 private key.
public struct PrivateKey: Sendable {
private var backing: Backing
Expand Down Expand Up @@ -74,11 +74,11 @@ extension MLDSA {

self.seed = try withUnsafeTemporaryAllocation(
of: UInt8.self,
capacity: MLDSA.seedSizeInBytes
capacity: MLDSA65.seedSizeInBytes
) { seedPtr in
try withUnsafeTemporaryAllocation(
of: UInt8.self,
capacity: MLDSA.PublicKey.Backing.bytesCount
capacity: MLDSA65.PublicKey.Backing.bytesCount
) { publicKeyPtr in
guard
CCryptoBoringSSL_MLDSA65_generate_key(
Expand All @@ -90,7 +90,7 @@ extension MLDSA {
throw CryptoKitError.internalBoringSSLError()
}

return Data(bytes: seedPtr.baseAddress!, count: MLDSA.seedSizeInBytes)
return Data(bytes: seedPtr.baseAddress!, count: MLDSA65.seedSizeInBytes)
}
}
}
Expand All @@ -101,7 +101,7 @@ extension MLDSA {
///
/// - Throws: `CryptoKitError.incorrectKeySize` if the seed is not 32 bytes long.
init(seed: some DataProtocol) throws {
guard seed.count == MLDSA.seedSizeInBytes else {
guard seed.count == MLDSA65.seedSizeInBytes else {
throw CryptoKitError.incorrectKeySize
}

Expand All @@ -113,7 +113,7 @@ extension MLDSA {
CCryptoBoringSSL_MLDSA65_private_key_from_seed(
&self.key,
seedPtr.baseAddress,
MLDSA.seedSizeInBytes
MLDSA65.seedSizeInBytes
)
}) == 1
else {
Expand Down Expand Up @@ -164,7 +164,7 @@ extension MLDSA {
}
}

extension MLDSA {
extension MLDSA65 {
/// A ML-DSA-65 public key.
public struct PublicKey: Sendable {
private var backing: Backing
Expand Down Expand Up @@ -216,7 +216,7 @@ extension MLDSA {
///
/// - Throws: `CryptoKitError.incorrectKeySize` if the raw representation is not the correct size.
init(rawRepresentation: some DataProtocol) throws {
guard rawRepresentation.count == MLDSA.PublicKey.Backing.bytesCount else {
guard rawRepresentation.count == MLDSA65.PublicKey.Backing.bytesCount else {
throw CryptoKitError.incorrectKeySize
}

Expand All @@ -240,7 +240,7 @@ extension MLDSA {
var rawRepresentation: Data {
var cbb = CBB()
// The following BoringSSL functions can only fail on allocation failure, which we define as impossible.
CCryptoBoringSSL_CBB_init(&cbb, MLDSA.PublicKey.Backing.bytesCount)
CCryptoBoringSSL_CBB_init(&cbb, MLDSA65.PublicKey.Backing.bytesCount)
defer { CCryptoBoringSSL_CBB_cleanup(&cbb) }
CCryptoBoringSSL_MLDSA65_marshal_public_key(&cbb, &self.key)
return Data(bytes: CCryptoBoringSSL_CBB_data(&cbb), count: CCryptoBoringSSL_CBB_len(&cbb))
Expand Down Expand Up @@ -280,7 +280,7 @@ extension MLDSA {
}
}

extension MLDSA {
extension MLDSA65 {
/// A ML-DSA-65 signature.
public struct Signature: Sendable, ContiguousBytes {
/// The raw binary representation of the signature.
Expand Down Expand Up @@ -314,7 +314,7 @@ extension MLDSA {
}
}

extension MLDSA {
extension MLDSA65 {
/// The size of the seed in bytes.
private static let seedSizeInBytes = 32
}
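Review bot: The doc comment above `public enum MLDSA65 {}` still describes the ML-DSA family in general, although the namespace now commits to a single parameter set and every BoringSSL call shown in this file is the `MLDSA65` variant. Naming the parameter set in the summary tells callers which security level and key and signature sizes they are opting into, for example `/// The ML-DSA-65 parameter set of the module-lattice-based digital signature algorithm (ML-DSA, FIPS 204), which provides security against quantum computing attacks.` The nested `PrivateKey`, `PublicKey` and `Signature` comments already say ML-DSA-65, so only the top-level comment needs the change. Parts of this file are collapsed on the page, so this covers only the lines shown.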
Expand Up @@ -16,14 +16,14 @@ import XCTest

@testable import _CryptoExtras

final class MLDSATests: XCTestCase {
func testMLDSASigning() throws {
try testMLDSASigning(MLDSA.PrivateKey())
final class MLDSA65Tests: XCTestCase {
func testMLDSA65Signing() throws {
try testMLDSA65Signing(MLDSA65.PrivateKey())
let seed: [UInt8] = (0..<32).map { _ in UInt8.random(in: 0...255) }
try testMLDSASigning(MLDSA.PrivateKey(seed: seed))
try testMLDSA65Signing(MLDSA65.PrivateKey(seed: seed))
}

private func testMLDSASigning(_ key: MLDSA.PrivateKey) throws {
private func testMLDSA65Signing(_ key: MLDSA65.PrivateKey) throws {
let test = "Hello, world!".data(using: .utf8)!
try XCTAssertTrue(
key.publicKey.isValidSignature(
Expand All @@ -44,25 +44,25 @@ final class MLDSATests: XCTestCase {

func testSignatureSerialization() throws {
let data = Array("Hello, World!".utf8)
let key: MLDSA.PrivateKey = try MLDSA.PrivateKey()
let key: MLDSA65.PrivateKey = try MLDSA65.PrivateKey()
let signature = try key.signature(for: data)
let roundTripped = MLDSA.Signature(rawRepresentation: signature.rawRepresentation)
let roundTripped = MLDSA65.Signature(rawRepresentation: signature.rawRepresentation)
XCTAssertEqual(signature.rawRepresentation, roundTripped.rawRepresentation)
XCTAssertTrue(key.publicKey.isValidSignature(roundTripped, for: data))
}

func testSeedRoundTripping() throws {
let key = try MLDSA.PrivateKey()
let key = try MLDSA65.PrivateKey()
let seed = key.seed
let roundTripped = try MLDSA.PrivateKey(seed: seed)
let roundTripped = try MLDSA65.PrivateKey(seed: seed)
XCTAssertEqual(seed, roundTripped.seed)
XCTAssertEqual(key.publicKey.rawRepresentation, roundTripped.publicKey.rawRepresentation)
}

// This test is very slow, so it is disabled by default.
func _testBitFlips() throws {
let message = "Hello, world!".data(using: .utf8)!
let key = try MLDSA.PrivateKey()
let key = try MLDSA65.PrivateKey()
let publicKey = key.publicKey
let signature = try key.signature(for: message)
XCTAssertTrue(publicKey.isValidSignature(signature, for: message))
Expand All @@ -71,7 +71,7 @@ final class MLDSATests: XCTestCase {
for i in 0..<encodedSignature.count {
for j in 0..<8 {
encodedSignature[i] ^= 1 << j
let modifiedSignature = MLDSA.Signature(rawRepresentation: encodedSignature)
let modifiedSignature = MLDSA65.Signature(rawRepresentation: encodedSignature)
XCTAssertFalse(
publicKey.isValidSignature(modifiedSignature, for: message),
"Bit flip in signature at byte \(i) bit \(j) didn't cause a verification failure"
Expand All @@ -85,7 +85,7 @@ final class MLDSATests: XCTestCase {
let message = "Hello, world!".data(using: .utf8)!

let seed: [UInt8] = (0..<32).map { _ in UInt8.random(in: 0...255) }
let key = try MLDSA.PrivateKey(seed: seed)
let key = try MLDSA65.PrivateKey(seed: seed)
let publicKey = key.publicKey

let signature1 = try key.signature(for: message)
Expand All @@ -100,30 +100,30 @@ final class MLDSATests: XCTestCase {

func testInvalidPublicKeyEncodingLength() throws {
// Encode a public key with a trailing 0 at the end.
var encodedPublicKey = [UInt8](repeating: 0, count: MLDSA.PublicKey.bytesCount + 1)
var encodedPublicKey = [UInt8](repeating: 0, count: MLDSA65.PublicKey.bytesCount + 1)
let seed: [UInt8] = (0..<32).map { _ in UInt8.random(in: 0...255) }
let key = try MLDSA.PrivateKey(seed: seed)
let key = try MLDSA65.PrivateKey(seed: seed)
let publicKey = key.publicKey
encodedPublicKey.replaceSubrange(0..<MLDSA.PublicKey.bytesCount, with: publicKey.rawRepresentation)
encodedPublicKey.replaceSubrange(0..<MLDSA65.PublicKey.bytesCount, with: publicKey.rawRepresentation)

// Public key is 1 byte too short.
let shortPublicKey = Array(encodedPublicKey.prefix(MLDSA.PublicKey.bytesCount - 1))
XCTAssertThrowsError(try MLDSA.PublicKey(rawRepresentation: shortPublicKey))
let shortPublicKey = Array(encodedPublicKey.prefix(MLDSA65.PublicKey.bytesCount - 1))
XCTAssertThrowsError(try MLDSA65.PublicKey(rawRepresentation: shortPublicKey))

// Public key has the correct length.
let correctLengthPublicKey = Array(encodedPublicKey.prefix(MLDSA.PublicKey.bytesCount))
XCTAssertNoThrow(try MLDSA.PublicKey(rawRepresentation: correctLengthPublicKey))
let correctLengthPublicKey = Array(encodedPublicKey.prefix(MLDSA65.PublicKey.bytesCount))
XCTAssertNoThrow(try MLDSA65.PublicKey(rawRepresentation: correctLengthPublicKey))

// Public key is 1 byte too long.
XCTAssertThrowsError(try MLDSA.PublicKey(rawRepresentation: encodedPublicKey))
XCTAssertThrowsError(try MLDSA65.PublicKey(rawRepresentation: encodedPublicKey))
}

func testMLDSANISTKeyGenFile() throws {
func testMLDSA65NISTKeyGenFile() throws {
try nistTest(jsonName: "mldsa_nist_keygen_tests") { (testVector: NISTKeyGenTestVector) in
let seed = try Data(hexString: testVector.seed)
let publicKey = try MLDSA.PublicKey(rawRepresentation: Data(hexString: testVector.pub))
let publicKey = try MLDSA65.PublicKey(rawRepresentation: Data(hexString: testVector.pub))

let expectedkey = try MLDSA.PrivateKey(seed: seed).publicKey
let expectedkey = try MLDSA65.PrivateKey(seed: seed).publicKey
XCTAssertEqual(publicKey.rawRepresentation, expectedkey.rawRepresentation)
}
}
Expand Down Expand Up @@ -155,16 +155,16 @@ final class MLDSATests: XCTestCase {

func testMLDSAWycheproofVerifyFile() throws {
try wycheproofTest(jsonName: "mldsa_65_standard_verify_test") { (testGroup: WycheproofTestGroup) in
let publicKey: MLDSA.PublicKey
let publicKey: MLDSA65.PublicKey
do {
publicKey = try MLDSA.PublicKey(rawRepresentation: Data(hexString: testGroup.publicKey))
publicKey = try MLDSA65.PublicKey(rawRepresentation: Data(hexString: testGroup.publicKey))
} catch {
if testGroup.tests.contains(where: { $0.flags.contains(.incorrectPublicKeyLength) }) { return }
throw error
}
for test in testGroup.tests {
let message = try Data(hexString: test.msg)
let signature = try MLDSA.Signature(rawRepresentation: Data(hexString: test.sig))
let signature = try MLDSA65.Signature(rawRepresentation: Data(hexString: test.sig))
let context = try test.ctx.map { try Data(hexString: $0) }

switch test.result {
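Review bot: `testMLDSAWycheproofVerifyFile` keeps the old prefix while its sibling in the same class became `testMLDSA65NISTKeyGenFile`, so the rename is incomplete in the test names. The vector file it loads is `mldsa_65_standard_verify_test`, so the test is specific to this parameter set and should read `func testMLDSA65WycheproofVerifyFile() throws {`. The lines between the `-100` and `-155` hunks are collapsed on the page, so any tests defined there may need the same check. The body of this function continues past the end of the visible hunk.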