gmsm/slhdsa/dsa_test.go

// Copyright 2025 Sun Yimin. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.

//go:build go1.24

package slhdsa

import (
	"bytes"
	"encoding/hex"
	"encoding/json"
	"os"
	"path/filepath"
	"testing"
)

type slhtest struct {
	ParameterSet         string `json:"parameterSet"`
	Sk                   string `json:"sk"`
	Pk                   string `json:"pk"`
	AdditionalRandomness string `json:"additionalRandomness,omitempty"`
	Message              string `json:"message"`
	Context              string `json:"context,omitempty"`
	Signature            string `json:"signature"`
}

func loadData(filename string) (*slhtest, error) {
	file := filepath.Join("testdata", filename)
	// read json conentent from file and Unmarshal to slhtest
	in, err := os.Open(file)
	if err != nil {
		return nil, err
	}
	defer in.Close()
	var data slhtest
	if err := json.NewDecoder(in).Decode(&data); err != nil {
		return nil, err
	}
	return &data, nil
}

func TestSignFromFiles(t *testing.T) {
	// list files in testdata
	files, err := os.ReadDir("testdata")
	if err != nil {
		t.Fatalf("ReadDir failed: %v", err)
	}
	for _, file := range files {
		if file.IsDir() {
			continue
		}
		data, err := loadData(file.Name())
		if err != nil {
			t.Fatalf("loadData failed: %v", err)
		}
		testData(t, file.Name(), data)
	}
}

func testData(t *testing.T, filename string, tc *slhtest) {
	t.Helper()
	params, ok := GetParameterSet(tc.ParameterSet)
	if !ok {
		t.Fatalf("%v GetParameterSet(%s)", filename, tc.ParameterSet)
	}
	skBytes, _ := hex.DecodeString(tc.Sk)
	pkBytes, _ := hex.DecodeString(tc.Pk)
	addRand, _ := hex.DecodeString(tc.AdditionalRandomness)
	message, _ := hex.DecodeString(tc.Message)
	context, _ := hex.DecodeString(tc.Context)
	sig, _ := hex.DecodeString(tc.Signature)
	sigOriginal := sig
	privKey, err := params.NewPrivateKey(skBytes)
	if err != nil {
		t.Fatalf("%v NewPrivateKey(%x) = %v", filename, skBytes, err)
	}
	sig2, err := privKey.Sign(nil, message, &Options{context, addRand})
	if err != nil {
		t.Fatalf("%v Sign(%x,%x) = %v", filename, message, context, err)
	}
	// check R
	if !bytes.Equal(sig[:params.n], sig2[:params.n]) {
		t.Errorf("signature.R = %x, want %x", sig2[:params.n], sig[:params.n])
	}
	// check SIGfors
	sig2 = sig2[params.n:]
	sig = sig[params.n:]
	if !bytes.Equal(sig[:privKey.params.n*(privKey.params.a+1)*privKey.params.k], sig2[:privKey.params.n*(privKey.params.a+1)*privKey.params.k]) {
		t.Errorf("signature.SIGfors = %x, want %x", sig2[:privKey.params.n*(privKey.params.a+1)*privKey.params.k], sig[:privKey.params.n*(privKey.params.a+1)*privKey.params.k])
	}
	// check SIGht
	sig2 = sig2[privKey.params.n*(privKey.params.a+1)*privKey.params.k:]
	sig = sig[privKey.params.n*(privKey.params.a+1)*privKey.params.k:]
	for i := range int(privKey.params.d) {
		if !bytes.Equal(sig[:privKey.params.n*(privKey.params.len+privKey.params.hm)], sig2[:privKey.params.n*(privKey.params.len+privKey.params.hm)]) {
			t.Errorf("signature.SIGht = %v %x, want %x", i, sig2[:privKey.params.n*(privKey.params.len+privKey.params.hm)], sig[:privKey.params.n*(privKey.params.len+privKey.params.hm)])
		}
		sig2 = sig2[privKey.params.n*(privKey.params.len+privKey.params.hm):]
		sig = sig[privKey.params.n*(privKey.params.len+privKey.params.hm):]
	}
	// test verify
	pub, err := params.NewPublicKey(pkBytes)
	if err != nil {
		t.Fatalf("%v NewPublicKey(%x) = %v", filename, pkBytes, err)
	}
	if !pub.VerifyWithOptions(sigOriginal, message, &Options{Context: context}) {
		t.Errorf("%v Verify() = false, want true", filename)
	}
}
slhdsa: SLH-DSA initialize 2025-05-21 11:10:44 +08:00			`// Copyright 2025 Sun Yimin. All rights reserved.`
			`// Use of this source code is governed by a MIT-style`
			`// license that can be found in the LICENSE file.`

			`//go:build go1.24`

			`package slhdsa`

			`import (`
			`"bytes"`
			`"encoding/hex"`
			`"encoding/json"`
			`"os"`
			`"path/filepath"`
			`"testing"`
			`)`

			`type slhtest struct {`
			ParameterSet string `json:"parameterSet"`
			Sk string `json:"sk"`
			Pk string `json:"pk"`
			AdditionalRandomness string `json:"additionalRandomness,omitempty"`
			Message string `json:"message"`
			Context string `json:"context,omitempty"`
			Signature string `json:"signature"`
			`}`

			`func loadData(filename string) (*slhtest, error) {`
			`file := filepath.Join("testdata", filename)`
			`// read json conentent from file and Unmarshal to slhtest`
			`in, err := os.Open(file)`
			`if err != nil {`
			`return nil, err`
			`}`
			`defer in.Close()`
			`var data slhtest`
			`if err := json.NewDecoder(in).Decode(&data); err != nil {`
			`return nil, err`
			`}`
			`return &data, nil`
			`}`

			`func TestSignFromFiles(t *testing.T) {`
			`// list files in testdata`
			`files, err := os.ReadDir("testdata")`
			`if err != nil {`
			`t.Fatalf("ReadDir failed: %v", err)`
			`}`
			`for _, file := range files {`
			`if file.IsDir() {`
			`continue`
			`}`
			`data, err := loadData(file.Name())`
			`if err != nil {`
			`t.Fatalf("loadData failed: %v", err)`
			`}`
			`testData(t, file.Name(), data)`
			`}`
			`}`

			`func testData(t testing.T, filename string, tc slhtest) {`
			`t.Helper()`
			`params, ok := GetParameterSet(tc.ParameterSet)`
			`if !ok {`
			`t.Fatalf("%v GetParameterSet(%s)", filename, tc.ParameterSet)`
			`}`
			`skBytes, _ := hex.DecodeString(tc.Sk)`
			`pkBytes, _ := hex.DecodeString(tc.Pk)`
			`addRand, _ := hex.DecodeString(tc.AdditionalRandomness)`
			`message, _ := hex.DecodeString(tc.Message)`
			`context, _ := hex.DecodeString(tc.Context)`
			`sig, _ := hex.DecodeString(tc.Signature)`
			`sigOriginal := sig`
slhdsa: provide handy methods 2025-05-27 10:12:08 +08:00			`privKey, err := params.NewPrivateKey(skBytes)`
slhdsa: SLH-DSA initialize 2025-05-21 11:10:44 +08:00			`if err != nil {`
			`t.Fatalf("%v NewPrivateKey(%x) = %v", filename, skBytes, err)`
			`}`
Release v0.33.0 * build(deps): bump github/codeql-action from 3.29.11 to 3.30.0 (#361) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.29.11 to 3.30.0. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/3c3833e0f8c1c83d449a7478aa59c036a9165498...2d92b76c45b91eb80fc44c74ce3fce0ee94e8f9d) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 3.30.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump codecov/codecov-action from 5.5.0 to 5.5.1 (#362) Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 5.5.0 to 5.5.1. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/codecov/codecov-action/compare/fdcc8476540edceab3de004e990f80d881c6cc00...5a1091511ad55cbe89839c7260b706298ca349f7) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-version: 5.5.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump actions/setup-go from 5.5.0 to 6.0.0 (#363) Bumps [actions/setup-go](https://github.com/actions/setup-go) from 5.5.0 to 6.0.0. - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](https://github.com/actions/setup-go/compare/d35c59abb061a4a6fb18e82ac0862c26744d6ab5...44694675825211faa026b3c33043df3e48a5fa00) --- updated-dependencies: - dependency-name: actions/setup-go dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump github/codeql-action from 3.30.0 to 3.30.1 (#364) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.30.0 to 3.30.1. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/2d92b76c45b91eb80fc44c74ce3fce0ee94e8f9d...f1f6e5f6af878fb37288ce1c627459e94dbf7d01) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 3.30.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump step-security/harden-runner from 2.13.0 to 2.13.1 (#367) Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.13.0 to 2.13.1. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/ec9f2d5744a09debf3a187a3f4f675c53b671911...f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.13.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump github/codeql-action from 3.30.1 to 3.30.2 (#368) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.30.1 to 3.30.2. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/f1f6e5f6af878fb37288ce1c627459e94dbf7d01...d3678e237b9c32a6c9bffb3315c335f976f3549f) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 3.30.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * feat(mlkem): initialize mlkem from golang standard library * chore(mlkem): refactoring, reduce alloc times * build(deps): bump github/codeql-action from 3.30.2 to 3.30.3 (#369) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.30.2 to 3.30.3. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/d3678e237b9c32a6c9bffb3315c335f976f3549f...192325c86100d080feab897ff886c34abd4c83a3) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 3.30.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * doc(README): include MLKEM * mldsa: refactor the implementation of key and sign/verify * mldsa,slhdsa: crypto.Signer assertion * fix(slhdsa): GenerateKey slice issue #72 * fix(slhdsa): copy/paste issue --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Sun Yimin <emmansun@users.noreply.github.com> 2025-09-15 11:52:26 +08:00			`sig2, err := privKey.Sign(nil, message, &Options{context, addRand})`
slhdsa: SLH-DSA initialize 2025-05-21 11:10:44 +08:00			`if err != nil {`
			`t.Fatalf("%v Sign(%x,%x) = %v", filename, message, context, err)`
			`}`
			`// check R`
			`if !bytes.Equal(sig[:params.n], sig2[:params.n]) {`
			`t.Errorf("signature.R = %x, want %x", sig2[:params.n], sig[:params.n])`
			`}`
			`// check SIGfors`
			`sig2 = sig2[params.n:]`
			`sig = sig[params.n:]`
			`if !bytes.Equal(sig[:privKey.params.n(privKey.params.a+1)privKey.params.k], sig2[:privKey.params.n(privKey.params.a+1)privKey.params.k]) {`
			`t.Errorf("signature.SIGfors = %x, want %x", sig2[:privKey.params.n(privKey.params.a+1)privKey.params.k], sig[:privKey.params.n(privKey.params.a+1)privKey.params.k])`
			`}`
			`// check SIGht`
			`sig2 = sig2[privKey.params.n(privKey.params.a+1)privKey.params.k:]`
			`sig = sig[privKey.params.n(privKey.params.a+1)privKey.params.k:]`
			`for i := range int(privKey.params.d) {`
			`if !bytes.Equal(sig[:privKey.params.n(privKey.params.len+privKey.params.hm)], sig2[:privKey.params.n(privKey.params.len+privKey.params.hm)]) {`
			`t.Errorf("signature.SIGht = %v %x, want %x", i, sig2[:privKey.params.n(privKey.params.len+privKey.params.hm)], sig[:privKey.params.n(privKey.params.len+privKey.params.hm)])`
			`}`
			`sig2 = sig2[privKey.params.n*(privKey.params.len+privKey.params.hm):]`
			`sig = sig[privKey.params.n*(privKey.params.len+privKey.params.hm):]`
			`}`
			`// test verify`
slhdsa: provide handy methods 2025-05-27 10:12:08 +08:00			`pub, err := params.NewPublicKey(pkBytes)`
slhdsa: SLH-DSA initialize 2025-05-21 11:10:44 +08:00			`if err != nil {`
			`t.Fatalf("%v NewPublicKey(%x) = %v", filename, pkBytes, err)`
			`}`
Release v0.33.0 * build(deps): bump github/codeql-action from 3.29.11 to 3.30.0 (#361) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.29.11 to 3.30.0. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/3c3833e0f8c1c83d449a7478aa59c036a9165498...2d92b76c45b91eb80fc44c74ce3fce0ee94e8f9d) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 3.30.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump codecov/codecov-action from 5.5.0 to 5.5.1 (#362) Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 5.5.0 to 5.5.1. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/codecov/codecov-action/compare/fdcc8476540edceab3de004e990f80d881c6cc00...5a1091511ad55cbe89839c7260b706298ca349f7) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-version: 5.5.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump actions/setup-go from 5.5.0 to 6.0.0 (#363) Bumps [actions/setup-go](https://github.com/actions/setup-go) from 5.5.0 to 6.0.0. - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](https://github.com/actions/setup-go/compare/d35c59abb061a4a6fb18e82ac0862c26744d6ab5...44694675825211faa026b3c33043df3e48a5fa00) --- updated-dependencies: - dependency-name: actions/setup-go dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump github/codeql-action from 3.30.0 to 3.30.1 (#364) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.30.0 to 3.30.1. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/2d92b76c45b91eb80fc44c74ce3fce0ee94e8f9d...f1f6e5f6af878fb37288ce1c627459e94dbf7d01) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 3.30.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump step-security/harden-runner from 2.13.0 to 2.13.1 (#367) Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.13.0 to 2.13.1. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/ec9f2d5744a09debf3a187a3f4f675c53b671911...f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.13.1 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * build(deps): bump github/codeql-action from 3.30.1 to 3.30.2 (#368) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.30.1 to 3.30.2. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/f1f6e5f6af878fb37288ce1c627459e94dbf7d01...d3678e237b9c32a6c9bffb3315c335f976f3549f) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 3.30.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * feat(mlkem): initialize mlkem from golang standard library * chore(mlkem): refactoring, reduce alloc times * build(deps): bump github/codeql-action from 3.30.2 to 3.30.3 (#369) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.30.2 to 3.30.3. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/d3678e237b9c32a6c9bffb3315c335f976f3549f...192325c86100d080feab897ff886c34abd4c83a3) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 3.30.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * doc(README): include MLKEM * mldsa: refactor the implementation of key and sign/verify * mldsa,slhdsa: crypto.Signer assertion * fix(slhdsa): GenerateKey slice issue #72 * fix(slhdsa): copy/paste issue --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Sun Yimin <emmansun@users.noreply.github.com> 2025-09-15 11:52:26 +08:00			`if !pub.VerifyWithOptions(sigOriginal, message, &Options{Context: context}) {`
slhdsa: SLH-DSA initialize 2025-05-21 11:10:44 +08:00			`t.Errorf("%v Verify() = false, want true", filename)`
			`}`
			`}`