Update BaseCryptLib to have basic PQC Tests#1799
Draft
Flickdm wants to merge 4 commits into
Draft
Conversation
Contributor
✅ QEMU Validation PassedSource Dependencies
Results
Workflow run: https://github.com/microsoft/mu_basecore/actions/runs/26205952492 This comment was automatically generated by the Mu QEMU PR Validation workflow. |
5 tasks
SHA-1 is no longer a supported digest algorithm for new Authenticode signatures per the updated Windows Authenticode Portable Executable Signature Format specification. Remove the SHA-1 verification block from TestVerifyAuthenticodeVerify so the host unit test suite no longer asserts on a deprecated algorithm. The SHA-256 case remains to exercise the legacy RSA/SHA-256 path. Signed-off-by: Doug Flick <dougflick@microsoft.com>
Add Pqc unit tests that exercise CMS verification of ML-DSA-44, ML-DSA-65, and ML-DSA-87 signed data through Pkcs7Verify(). Include auto-generated test vectors (PqcTestData.h) produced by OpenSSL 4.0.0, covering successful verification plus negative cases for tampered data and wrong signer certificate. Wire the new suite into the host and shell test apps. Signed-off-by: Doug Flick <dougflick@microsoft.com>
Flickdm
force-pushed
the
update/Pqc-BaseCryptLibUnitTests
branch
from
a1d04ec to
c26eeb1
Compare
Extends AuthenticodeTests with post-quantum coverage exercising AuthenticodeVerify() against ML-DSA-44, ML-DSA-65, and ML-DSA-87 SignedData blobs. Each blob carries a synthetic SpcIndirectDataContent SEQUENCE that embeds a fixed SHA-256 image hash, allowing the host unit test to invoke AuthenticodeVerify() with a known hash value. The three positive cases confirm AuthenticodeVerify() honours the CMS-based PKCS#7 dispatch path for ML-DSA signatures. Three negative cases assert rejection of: - a mismatched supplied image hash, - a trust anchor that does not chain to the signer, and - a single-byte mutation of the ML-DSA signature OCTET STRING. Test vectors live in PqcAuthenticodeTestData.h and are produced by the upstream OpenSSL 4.0 ML-DSA provider. Signed-off-by: Doug Flick <dougflick@microsoft.com>
PeSha1Hash and AuthenticodeWithSha1 are no longer referenced by any unit test - SHA-1 Authenticode verification was removed earlier. Drop the unused arrays and the now-stale "SHA-1 Authenticode test removed" comment in TestVerifyAuthenticodeVerify(). Signed-off-by: Doug Flick <dougflick@microsoft.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
This is going to be a chicken and egg situation. I'm using these tests to validate my PQC Binary - but these tests aren't expected to run on a (existing) non PQC Binary. - so this will have failures until I update the extdep.
This pull request introduces support for Post-Quantum Cryptography (PQC) verification tests in the cryptographic unit test suite, specifically targeting ML-DSA signature verification through the
Pkcs7VerifyAPI. Additionally, it removes the deprecated SHA-1 Authenticode test. The main themes are the addition of PQC tests and cleanup of legacy cryptography tests.Post-Quantum Cryptography (PQC) Test Support:
PqcTests.cwith unit tests for ML-DSA-44, ML-DSA-65, and ML-DSA-87 CMS signature verification, including negative tests for tampered data and wrong certificates.BaseCryptLibUnitTests.c), and declared the test descriptors and test count in the test base header (TestBaseCryptLib.h).Legacy Cryptography Test Cleanup:
AuthenticodeTests.cas SHA-1 is deprecated and no longer supported.For details on how to complete these options and their meaning refer to CONTRIBUTING.md.
How This Was Tested
<Describe the test(s) that were run to verify the changes.>
Integration Instructions
<Describe how these changes should be integrated. Use N/A if nothing is required.>