Skip to content

openssl compat errors and mldsa oid fix#10785

Open
stenslae wants to merge 1 commit into
wolfSSL:masterfrom
stenslae:ml-dsa-ssl-error-queue-fix
Open

openssl compat errors and mldsa oid fix#10785
stenslae wants to merge 1 commit into
wolfSSL:masterfrom
stenslae:ml-dsa-ssl-error-queue-fix

Conversation

@stenslae

@stenslae stenslae commented Jun 25, 2026

Copy link
Copy Markdown
Member

Description

  • Fix 1: verifyX509orX509REQ(): add ML-DSA case

verifyX509orX509REQ() was missing a case for ML-DSA public keys, so they returned errors. Added an mldsaOID field that is from the cert's OID in wolfSSL_X509_get_pubkey(). With pkeys with no backing cert, the OID is cached and used for level recognition.

Also fixed the wc_MlDsaKey_PublicKeyDecode() so that auto-detect is checked before the draft mode.

  • Fix 2: return 0 when error queue not compiled in

When WOLFSSL_HAVE_ERROR_QUEUE is not defined, all three functions returned (unsigned long)(0 - NOT_COMPILED_IN) (= 174), a non-zero value. This is non-OpenSSL-compatible, so changed all three #else branches to return 0.

@stenslae stenslae self-assigned this Jun 25, 2026

@wolfSSL-Fenrir-bot wolfSSL-Fenrir-bot left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fenrir Automated Review — PR #10785

Scan targets checked: wolfssl-bugs, wolfssl-src

No new issues found in the changed files. ✅

@stenslae stenslae removed their assignment Jul 7, 2026
dgarske
dgarske previously approved these changes Jul 8, 2026
@dgarske dgarske requested a review from Frauschi July 8, 2026 18:38

@Frauschi Frauschi left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🐺 Skoll Code Review

Overall recommendation: REQUEST_CHANGES
Findings: 1 total — 1 posted, 0 skipped

Posted findings

  • [Medium] ML-DSA verify uses subject key OID instead of the verifying key's OID for parameter-set selectionsrc/x509.c:8959

Review generated by Skoll via Claude/Codex

Comment thread src/x509.c Outdated
@dgarske dgarske assigned stenslae and unassigned Frauschi Jul 9, 2026
@stenslae stenslae force-pushed the ml-dsa-ssl-error-queue-fix branch from 3df61a4 to dec7330 Compare July 9, 2026 22:57

@dgarske dgarske left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some of the CI is failing for PQC. Please check. Thanks @stenslae

@stenslae stenslae force-pushed the ml-dsa-ssl-error-queue-fix branch from dec7330 to 6da132a Compare July 10, 2026 18:38
@dgarske dgarske requested review from Frauschi and dgarske July 10, 2026 18:56

@dgarske dgarske left a comment

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Still seeing CI failures "make check failed for: mldsa-no-asn1-fips204-draft-opensslextra (1 config(s) aborted by fail-fast)"

@dgarske dgarske assigned stenslae and unassigned stenslae Jul 10, 2026
@stenslae stenslae force-pushed the ml-dsa-ssl-error-queue-fix branch 2 times, most recently from fd7f182 to aa9d16d Compare July 13, 2026 16:25
@Frauschi

Copy link
Copy Markdown
Contributor

Consider folding the new ML-DSA fixtures into certs/renewcerts.sh

renewcerts.sh already has an ML-DSA block, but it only regenerates the per-level mldsa<N>-* certs/keys and ecc-leaf-mldsa44.pem. The cross-level chain this PR adds (mldsa87-ca-*, mldsa65-leaf87ca-*) is documented only as manual commands in README.txt.

Worth wiring the chain into the script: it's the regression fixture for the OID-selection fix here, and since it isn't scripted, the next renewcerts.sh run regenerates the base certs but leaves the CA/leaf chain untouched — so they drift out of sync. It's pure OpenSSL 3.5+ and fits right after the ecc-leaf-mldsa44 section.

I'd leave _oqskeypair.der (needs liboqs) and the raw key-shape vectors as documented-only. Not blocking.

@stenslae stenslae force-pushed the ml-dsa-ssl-error-queue-fix branch from aa9d16d to 5799ac6 Compare July 13, 2026 18:06
@stenslae stenslae requested review from dgarske and wolfSSL-Fenrir-bot and removed request for wolfSSL-Fenrir-bot July 13, 2026 22:08

@Frauschi Frauschi left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

5 participants