Source file src/crypto/mldsa/mldsa_fips140v1.0_test.go 

     1  // Copyright 2026 The Go Authors. All rights reserved.
     2  // Use of this source code is governed by a BSD-style
     3  // license that can be found in the LICENSE file.
     4  
     5  //go:build fips140v1.0
     6  
     7  package mldsa_test
     8  
     9  import (
    10  	"crypto"
    11  	. "crypto/mldsa"
    12  	"testing"
    13  )
    14  
    15  var _ crypto.Signer = (*PrivateKey)(nil)
    16  
    17  func TestUnavailable(t *testing.T) {
    18  	for _, params := range []Parameters{MLDSA44(), MLDSA65(), MLDSA87()} {
    19  		t.Run(params.String(), func(t *testing.T) {
    20  			if _, err := GenerateKey(params); err == nil {
    21  				t.Errorf("GenerateKey: want error, got nil")
    22  			}
    23  			if _, err := NewPrivateKey(params, make([]byte, PrivateKeySize)); err == nil {
    24  				t.Errorf("NewPrivateKey: want error, got nil")
    25  			}
    26  			if _, err := NewPublicKey(params, make([]byte, params.PublicKeySize())); err == nil {
    27  				t.Errorf("NewPublicKey: want error, got nil")
    28  			}
    29  			if err := Verify(&PublicKey{}, nil, nil, nil); err == nil {
    30  				t.Errorf("Verify: want error, got nil")
    31  			}
    32  		})
    33  	}
    34  }
    35  
    36  func TestMethodsPanic(t *testing.T) {
    37  	// All PrivateKey and PublicKey methods are unreachable in the v1.0 stub
    38  	// (since there is no way to construct a non-zero key) and panic if invoked
    39  	// on the zero value.
    40  	sk := &PrivateKey{}
    41  	pk := &PublicKey{}
    42  	cases := []struct {
    43  		name string
    44  		fn   func()
    45  	}{
    46  		{"PrivateKey.Public", func() { sk.Public() }},
    47  		{"PrivateKey.Equal", func() { sk.Equal(sk) }},
    48  		{"PrivateKey.PublicKey", func() { sk.PublicKey() }},
    49  		{"PrivateKey.Bytes", func() { sk.Bytes() }},
    50  		{"PrivateKey.Sign", func() { sk.Sign(nil, nil, nil) }},
    51  		{"PrivateKey.SignDeterministic", func() { sk.SignDeterministic(nil, nil) }},
    52  		{"PublicKey.Bytes", func() { pk.Bytes() }},
    53  		{"PublicKey.Equal", func() { pk.Equal(pk) }},
    54  		{"PublicKey.Parameters", func() { pk.Parameters() }},
    55  	}
    56  	for _, tc := range cases {
    57  		t.Run(tc.name, func(t *testing.T) {
    58  			defer func() {
    59  				if r := recover(); r == nil {
    60  					t.Errorf("%s: did not panic", tc.name)
    61  				}
    62  			}()
    63  			tc.fn()
    64  		})
    65  	}
    66  }
    67  
    68  func TestParametersAvailable(t *testing.T) {
    69  	// The Parameters value type and its methods must remain usable even under
    70  	// the v1.0 stub, so callers can introspect parameter sets without invoking
    71  	// the unavailable key APIs.
    72  	cases := []struct {
    73  		params  Parameters
    74  		name    string
    75  		pkSize  int
    76  		sigSize int
    77  	}{
    78  		{MLDSA44(), "ML-DSA-44", MLDSA44PublicKeySize, MLDSA44SignatureSize},
    79  		{MLDSA65(), "ML-DSA-65", MLDSA65PublicKeySize, MLDSA65SignatureSize},
    80  		{MLDSA87(), "ML-DSA-87", MLDSA87PublicKeySize, MLDSA87SignatureSize},
    81  	}
    82  	for _, tc := range cases {
    83  		if got := tc.params.String(); got != tc.name {
    84  			t.Errorf("String() = %q, want %q", got, tc.name)
    85  		}
    86  		if got := tc.params.PublicKeySize(); got != tc.pkSize {
    87  			t.Errorf("%s PublicKeySize() = %d, want %d", tc.name, got, tc.pkSize)
    88  		}
    89  		if got := tc.params.SignatureSize(); got != tc.sigSize {
    90  			t.Errorf("%s SignatureSize() = %d, want %d", tc.name, got, tc.sigSize)
    91  		}
    92  	}
    93  }
    94  

View as plain text

go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.