Test ML-DSA keytypes#398
Draft
jku wants to merge 1 commit into
Draft
Conversation
Added ML-DSA: This will require newer securesystemslib
Current test_keytype_and_scheme is preserved for the "standard"
ketytypes (the ones referenced in the spec). This way new more
optional keytypes will be ergonomic to xfail when needed.
We could set the "non-standard" keytypes to xpass (so failures
would be listed but would not fail a run) but that seems more complex:
Users already have two fine options:
* add new failing tests to the clients xfails list
"test_mldsa_keytype_and_scheme" will cover all mldsa tests
* postpone conformance upgrade until suppport is added
The 9000 char signature line is obnoxious but I don't want to
replace it with "00"*4627 since it's possible this would not be a
valid ASN1.DER key -- we can move the sigs to a resource file if the
long lines are an issue.
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Added ML-DSA keys as defined in theupdateframework/taps#195: Leaving this DRAFT as it requires securesystemslib with secure-systems-lab/securesystemslib#1124.
Current
test_keytype_and_schemeis preserved for the "standard" ketytypes (the ones referenced in the spec). This way new, more optional, keytypes will be ergonomic to xfail when needed.We could set the "non-standard" keytypes to xpass (so failures would be listed but would not fail a run) but that seems more complex: Users already have two fine options:
The 9000 char signature line is obnoxious but I don't want to replace it with
"00"*4627since it's likely this would not be a valid ASN1.DER key -- we can move the sigs to a resource file if the long lines are an issue.