Skip to content

Commit 108d2d3

Browse files
mkannwischermkannwischer
authored
Merge pull request #393 from pq-code-package/test-addCITest-PCT-zeroization
CI: add the PCT enabled, PCT enabled + broken, Custom zeroization (explicit_bzero)
2 parents faefbbe + 7aa56d4 commit 108d2d3

File tree

7 files changed

+491
-12
lines changed

7 files changed

+491
-12
lines changed

.github/workflows/ci.yml

Lines changed: 32 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -379,6 +379,38 @@ jobs:
379379
runs-on: ${{ matrix.target.runner }}
380380
steps:
381381
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
382+
- name: "PCT enabled"
383+
uses: ./.github/actions/multi-functest
384+
with:
385+
gh_token: ${{ secrets.GITHUB_TOKEN }}
386+
compile_mode: native
387+
cflags: "-DMLD_CONFIG_KEYGEN_PCT -fsanitize=address -fsanitize=undefined -fno-sanitize-recover=all"
388+
func: true
389+
kat: true
390+
acvp: true
391+
- name: "PCT enabled + broken"
392+
run: |
393+
make clean
394+
CFLAGS='-DMLD_CONFIG_FILE=\"../test/break_pct_config.h\"' make func -j4
395+
# PCT breakage is done at runtime via MLD_BREAK_PCT
396+
make run_func # Should be OK
397+
MLD_BREAK_PCT=0 make run_func # Should be OK
398+
if (MLD_BREAK_PCT=1 make run_func 2>&1 >/dev/null); then
399+
echo "PCT failure expected"
400+
exit 1
401+
else
402+
echo "PCT failed as expected"
403+
fi
404+
- name: "Custom zeroization (explicit_bzero)"
405+
uses: ./.github/actions/multi-functest
406+
with:
407+
gh_token: ${{ secrets.GITHUB_TOKEN }}
408+
compile_mode: native
409+
cflags: "-std=c11 -D_GNU_SOURCE -DMLD_CONFIG_FILE=\\\\\\\"../test/custom_zeroize_config.h\\\\\\\" -fsanitize=address -fsanitize=undefined -fno-sanitize-recover=all"
410+
func: true
411+
kat: true
412+
acvp: true
413+
examples: false # Some examples use a custom config themselves
382414
- name: "No ASM"
383415
uses: ./.github/actions/multi-functest
384416
with:

mldsa/sign.c

Lines changed: 11 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -123,6 +123,7 @@ __contract__(
123123
#endif /* MLDSA_MODE == 5 */
124124
}
125125

126+
MLD_MUST_CHECK_RETURN_VALUE
126127
int crypto_sign_keypair_internal(uint8_t *pk, uint8_t *sk,
127128
const uint8_t seed[MLDSA_SEEDBYTES])
128129
{
@@ -193,6 +194,7 @@ int crypto_sign_keypair_internal(uint8_t *pk, uint8_t *sk,
193194
return 0;
194195
}
195196

197+
MLD_MUST_CHECK_RETURN_VALUE
196198
int crypto_sign_keypair(uint8_t *pk, uint8_t *sk)
197199
{
198200
uint8_t seed[MLDSA_SEEDBYTES];
@@ -291,6 +293,7 @@ __contract__(
291293
* step into a distinct function here in order to improve
292294
* efficiency of CBMC proof.
293295
**************************************************/
296+
MLD_MUST_CHECK_RETURN_VALUE
294297
static int mld_attempt_signature_generation(
295298
uint8_t *sig, const uint8_t *mu, const uint8_t rhoprime[MLDSA_CRHBYTES],
296299
uint16_t nonce, const mld_polyvecl mat[MLDSA_K], const mld_polyvecl *s1,
@@ -471,7 +474,7 @@ __contract__(
471474

472475
return 0; /* success */
473476
}
474-
477+
MLD_MUST_CHECK_RETURN_VALUE
475478
int crypto_sign_signature_internal(uint8_t *sig, size_t *siglen,
476479
const uint8_t *m, size_t mlen,
477480
const uint8_t *pre, size_t prelen,
@@ -565,6 +568,7 @@ int crypto_sign_signature_internal(uint8_t *sig, size_t *siglen,
565568
}
566569
}
567570

571+
MLD_MUST_CHECK_RETURN_VALUE
568572
int crypto_sign_signature(uint8_t *sig, size_t *siglen, const uint8_t *m,
569573
size_t mlen, const uint8_t *ctx, size_t ctxlen,
570574
const uint8_t *sk)
@@ -613,6 +617,7 @@ int crypto_sign_signature(uint8_t *sig, size_t *siglen, const uint8_t *m,
613617
return result;
614618
}
615619

620+
MLD_MUST_CHECK_RETURN_VALUE
616621
int crypto_sign_signature_extmu(uint8_t *sig, size_t *siglen,
617622
const uint8_t mu[MLDSA_CRHBYTES],
618623
const uint8_t *sk)
@@ -636,6 +641,7 @@ int crypto_sign_signature_extmu(uint8_t *sig, size_t *siglen,
636641
return result;
637642
}
638643

644+
MLD_MUST_CHECK_RETURN_VALUE
639645
int crypto_sign(uint8_t *sm, size_t *smlen, const uint8_t *m, size_t mlen,
640646
const uint8_t *ctx, size_t ctxlen, const uint8_t *sk)
641647
{
@@ -656,6 +662,7 @@ int crypto_sign(uint8_t *sm, size_t *smlen, const uint8_t *m, size_t mlen,
656662
return ret;
657663
}
658664

665+
MLD_MUST_CHECK_RETURN_VALUE
659666
int crypto_sign_verify_internal(const uint8_t *sig, size_t siglen,
660667
const uint8_t *m, size_t mlen,
661668
const uint8_t *pre, size_t prelen,
@@ -763,6 +770,7 @@ int crypto_sign_verify_internal(const uint8_t *sig, size_t siglen,
763770
return 0;
764771
}
765772

773+
MLD_MUST_CHECK_RETURN_VALUE
766774
int crypto_sign_verify(const uint8_t *sig, size_t siglen, const uint8_t *m,
767775
size_t mlen, const uint8_t *ctx, size_t ctxlen,
768776
const uint8_t *pk)
@@ -795,6 +803,7 @@ int crypto_sign_verify(const uint8_t *sig, size_t siglen, const uint8_t *m,
795803
return result;
796804
}
797805

806+
MLD_MUST_CHECK_RETURN_VALUE
798807
int crypto_sign_verify_extmu(const uint8_t *sig, size_t siglen,
799808
const uint8_t mu[MLDSA_CRHBYTES],
800809
const uint8_t *pk)
@@ -803,6 +812,7 @@ int crypto_sign_verify_extmu(const uint8_t *sig, size_t siglen,
803812
pk, 1);
804813
}
805814

815+
MLD_MUST_CHECK_RETURN_VALUE
806816
int crypto_sign_open(uint8_t *m, size_t *mlen, const uint8_t *sm, size_t smlen,
807817
const uint8_t *ctx, size_t ctxlen, const uint8_t *pk)
808818
{

mldsa/sign.h

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,7 @@
1111
#include "common.h"
1212
#include "poly.h"
1313
#include "polyvec.h"
14+
#include "sys.h"
1415

1516
#define crypto_sign_keypair_internal MLD_NAMESPACE(keypair_internal)
1617
/*************************************************
@@ -30,6 +31,7 @@
3031
*
3132
* Returns 0 (success) or -1 (PCT failure)
3233
**************************************************/
34+
MLD_MUST_CHECK_RETURN_VALUE
3335
int crypto_sign_keypair_internal(uint8_t *pk, uint8_t *sk,
3436
const uint8_t seed[MLDSA_SEEDBYTES])
3537
__contract__(
@@ -57,6 +59,7 @@ __contract__(
5759
*
5860
* Returns 0 (success) or -1 (PCT failure)
5961
**************************************************/
62+
MLD_MUST_CHECK_RETURN_VALUE
6063
int crypto_sign_keypair(uint8_t *pk, uint8_t *sk)
6164
__contract__(
6265
requires(memory_no_alias(pk, CRYPTO_PUBLICKEYBYTES))
@@ -92,6 +95,7 @@ __contract__(
9295
* in that it adds an explicit check for nonce exhaustion
9396
* and can return -1 in that case.
9497
**************************************************/
98+
MLD_MUST_CHECK_RETURN_VALUE
9599
int crypto_sign_signature_internal(uint8_t *sig, size_t *siglen,
96100
const uint8_t *m, size_t mlen,
97101
const uint8_t *pre, size_t prelen,
@@ -130,6 +134,7 @@ __contract__(
130134
*
131135
* Returns 0 (success) or -1 (context string too long OR nonce exhaustion)
132136
**************************************************/
137+
MLD_MUST_CHECK_RETURN_VALUE
133138
int crypto_sign_signature(uint8_t *sig, size_t *siglen, const uint8_t *m,
134139
size_t mlen, const uint8_t *ctx, size_t ctxlen,
135140
const uint8_t *sk)
@@ -160,6 +165,7 @@ __contract__(
160165
*
161166
* Returns 0 (success) or -1 (context string too long OR nonce exhaustion)
162167
**************************************************/
168+
MLD_MUST_CHECK_RETURN_VALUE
163169
int crypto_sign_signature_extmu(uint8_t *sig, size_t *siglen,
164170
const uint8_t mu[MLDSA_CRHBYTES],
165171
const uint8_t *sk)
@@ -193,6 +199,7 @@ __contract__(
193199
*
194200
* Returns 0 (success) or -1 (context string too long OR nonce exhausted)
195201
**************************************************/
202+
MLD_MUST_CHECK_RETURN_VALUE
196203
int crypto_sign(uint8_t *sm, size_t *smlen, const uint8_t *m, size_t mlen,
197204
const uint8_t *ctx, size_t ctxlen, const uint8_t *sk)
198205
__contract__(
@@ -225,6 +232,7 @@ __contract__(
225232
*
226233
* Returns 0 if signature could be verified correctly and -1 otherwise
227234
**************************************************/
235+
MLD_MUST_CHECK_RETURN_VALUE
228236
int crypto_sign_verify_internal(const uint8_t *sig, size_t siglen,
229237
const uint8_t *m, size_t mlen,
230238
const uint8_t *pre, size_t prelen,
@@ -256,6 +264,7 @@ __contract__(
256264
*
257265
* Returns 0 if signature could be verified correctly and -1 otherwise
258266
**************************************************/
267+
MLD_MUST_CHECK_RETURN_VALUE
259268
int crypto_sign_verify(const uint8_t *sig, size_t siglen, const uint8_t *m,
260269
size_t mlen, const uint8_t *ctx, size_t ctxlen,
261270
const uint8_t *pk)
@@ -281,6 +290,7 @@ __contract__(
281290
*
282291
* Returns 0 if signature could be verified correctly and -1 otherwise
283292
**************************************************/
293+
MLD_MUST_CHECK_RETURN_VALUE
284294
int crypto_sign_verify_extmu(const uint8_t *sig, size_t siglen,
285295
const uint8_t mu[MLDSA_CRHBYTES],
286296
const uint8_t *pk)
@@ -308,6 +318,7 @@ __contract__(
308318
*
309319
* Returns 0 if signed message could be verified correctly and -1 otherwise
310320
**************************************************/
321+
MLD_MUST_CHECK_RETURN_VALUE
311322
int crypto_sign_open(uint8_t *m, size_t *mlen, const uint8_t *sm, size_t smlen,
312323
const uint8_t *ctx, size_t ctxlen, const uint8_t *pk)
313324
__contract__(

0 commit comments

Comments
 (0)