v2 / vlib / x / crypto / mldsa / testdata / gen.go
// generates ML-DSA test vectors using Go's crypto/internal/fips140/mldsa
// run from within the Go source tree because mldsa is not public yet
// see https://github.com/golang/go/issues/77626
//
// this is normally run via gen.vsh
//
// GOROOT=. ./bin/go run ./src/crypto/internal/fips140/mldsa/gen
8package main
9
10import (
11 "crypto/internal/fips140/mldsa"
12 "crypto/internal/fips140/sha3"
13 "crypto/sha256"
14 "encoding/hex"
15 "encoding/json"
16 "fmt"
17 "os"
18)
19
// Vector is one ML-DSA test vector as written to the JSON output.
//
// Every byte-valued field is a lowercase hex string. The public key and the
// signature are not stored in full; only their SHA-256 digests are recorded.
type Vector struct {
	// Kind is the parameter-set name, e.g. "ml_dsa_44".
	Kind string `json:"kind"`
	// Seed is the hex-encoded 32-byte seed the private key is built from.
	Seed string `json:"seed"`
	// Msg is the hex-encoded message that was signed.
	Msg string `json:"msg"`
	// PkSha256 is the hex SHA-256 digest of the encoded public key.
	PkSha256 string `json:"pk_sha256"`
	// SigSha256 is the hex SHA-256 digest of the deterministic signature.
	SigSha256 string `json:"sig_sha256"`
	// Context is the signing context string; it is left out of the JSON
	// when empty.
	Context string `json:"context,omitempty"`
}
28
// variant ties an ML-DSA parameter-set name to the constructors that build
// its private key (from a seed) and its public key (from an encoding).
type variant struct {
	// name is the value written to Vector.Kind.
	name string
	// newPrivateKey builds a private key from the bytes it is given; main
	// passes it a 32-byte seed.
	newPrivateKey func([]byte) (*mldsa.PrivateKey, error)
	// newPublicKey parses an encoded public key.
	newPublicKey func([]byte) (*mldsa.PublicKey, error)
}
34
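// main prints a JSON array of ML-DSA test vectors to stdout.
//
// For each parameter set (ml_dsa_44, ml_dsa_65, ml_dsa_87) it emits three
// vectors signed with an empty context, with message lengths of 32, 49 and 66
// bytes, followed by one vector with a 40-byte message signed under the
// context "test-context".
//
// All seeds and messages are squeezed from one SHAKE128 instance that has
// absorbed no input, so the output is reproducible and every seed is public.
// The resulting keys are test fixtures only and must never protect real data.
//
// Only the SHA-256 digests of the public key and signature are recorded;
// presumably the consumer re-derives both from seed and msg and compares
// digests (confirm against the test that reads this file).
func main() {
	// Single source of truth for the context, so that the signed, verified
	// and recorded context strings cannot drift apart.
	const testContext = "test-context"

	variants := []variant{
		{"ml_dsa_44", mldsa.NewPrivateKey44, mldsa.NewPublicKey44},
		{"ml_dsa_65", mldsa.NewPrivateKey65, mldsa.NewPublicKey65},
		{"ml_dsa_87", mldsa.NewPrivateKey87, mldsa.NewPublicKey87},
	}

	xof := sha3.NewShake128()
	seed := make([]byte, 32)
	var vectors []Vector

	// addVector draws a fresh seed and then a msgLen-byte message from xof
	// (the order fixes the byte stream and therefore the vectors), signs the
	// message deterministically under context, checks the signature against
	// the public key re-parsed from its encoding, and appends the vector.
	// The verification is a self-check by the same implementation that
	// signed; it does not replace validation by an independent one.
	addVector := func(v variant, msgLen int, context string) {
		// Read's results are ignored, as before; squeezing an XOF is not
		// expected to fail.
		xof.Read(seed)
		priv, err := v.newPrivateKey(seed)
		if err != nil {
			panic(err)
		}
		pk := priv.PublicKey().Bytes()

		msg := make([]byte, msgLen)
		xof.Read(msg)

		sig, err := mldsa.SignDeterministic(priv, msg, context)
		if err != nil {
			panic(err)
		}

		pub, err := v.newPublicKey(pk)
		if err != nil {
			panic(err)
		}
		if err := mldsa.Verify(pub, msg, sig, context); err != nil {
			if context != "" {
				panic(fmt.Sprintf("verify with context failed: %v", err))
			}
			panic(fmt.Sprintf("verify failed: %v", err))
		}

		pkHash := sha256.Sum256(pk)
		sigHash := sha256.Sum256(sig)
		vectors = append(vectors, Vector{
			Kind:      v.name,
			Seed:      hex.EncodeToString(seed), // encoded now; seed is reused
			Msg:       hex.EncodeToString(msg),
			PkSha256:  hex.EncodeToString(pkHash[:]),
			SigSha256: hex.EncodeToString(sigHash[:]),
			Context:   context, // omitted from the JSON when empty
		})
	}

	for _, v := range variants {
		for i := 0; i < 3; i++ {
			addVector(v, 32+i*17, "")
		}
		addVector(v, 40, testContext)
	}

	enc := json.NewEncoder(os.Stdout)
	enc.SetIndent("", " ")
	if err := enc.Encode(vectors); err != nil {
		panic(err)
	}
}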
121