Updated compat matrices (#193)

vdukhovni · hs-viktor · web-flow · commit ef4e83091c9b · 2025-03-17T07:37:52.000Z
Co-authored-by: Viktor Dukhovni &lt;ietf-dane@dukhovni.org&gt;
diff --git a/docs/compat_matrix_instructions.md b/docs/compat_matrix_instructions.md
@@ -7,6 +7,64 @@ The `rebuild_results.sh` script will compile the interop test results from all p
 If you have updated your test results, then please re-run `rebuild_reselts.sh` before committing.
 https://ietf-hackathon.github.io/pqc-certificates/pqc_hackathon_results.html displays the /docs folder of the `master` branch.
 
+## The interoperability results format R5
+
+Results for the R5 *certs* tests should be placed in
+`providers/<provider_name>/compatMatrices/artifacts_certs_r5/<producer>_<consumer>.csv`.
+Because there in this format there can be multiple files for each OID (up to
+three private key formats, a certificate, and for ML-KEM possible ciphertext
+and shared secret), there are now three columns in the CSV file.  For example,
+the results for ML-DSA-44 and SLH-DSA-SHA2-128s might be:
+
+```
+key_algorithm_oid,type,test_result
+2.16.840.1.101.3.4.3.17,cert,Y
+2.16.840.1.101.3.4.3.17,seed,Y
+2.16.840.1.101.3.4.3.17,expandedkey,Y
+2.16.840.1.101.3.4.3.17,both,Y
+2.16.840.1.101.3.4.3.17,consistent,Y
+2.16.840.1.101.3.4.3.20,priv,Y
+2.16.840.1.101.3.4.3.20,cert,Y
+```
+
+The `type` column takes the following values:
+
+- cert
+    - The TA certificate (ML-DSA or SLH-DSA) had a valid self-signature, or
+    - The ML-KEM EE certificate had a valid signature, by the associated ML-DSA TA.
+- priv
+    - The single SLH-DSA private key form was well formed.
+    - A signature made with the private key can be verified with the
+      corresponding public key.
+- seed
+    - The seed form of an ML-DSA or ML-KEM private key form was well formed.
+    - A signature made with that ML-DSA private key can be verified with the
+      corresponding public key.
+    - The encapsulation ciphertext provided for that ML-KEM OID decapsulates
+      via the seed-only key to a shared secret identical with the provided
+      shared secret.
+- expandedkey
+    - The expanded key form of an ML-DSA or ML-KEM private key form was well
+      formed.
+    - A signature made with that ML-DSA private key can be verified with the
+      corresponding public key.
+    - The encapsulation ciphertext provided for that ML-KEM OID decapsulates
+      via the expanded key to a shared secret identical with the provided
+      shared secret.
+- both
+    - The seed plus expanded key (both) form of an ML-DSA or ML-KEM private key
+      form was well formed.
+    - A signature made with that ML-DSA private key can be verified with the
+      corresponding public key.
+    - The encapsulation ciphertext provided for that ML-KEM OID decapsulates
+      via the seed plus expanded key form to a shared secret identical with the
+      provided shared secret.
+- consistent
+    - All the private key forms yield the same public key form, that is also
+      the public key in the certificate.
+    - This test is not applicable if only a certificate and no keys, or only
+      one key and no certificate is provided.
+
 ## The interoperability results format R3
 
 This is simplified relative to the R2 format.
diff --git a/providers/ossl35/check_certs.sh b/providers/ossl35/check_certs.sh
@@ -6,7 +6,7 @@ if [[ $# != 1 ]]; then die 'Usage: %s <zipfile>\n' "$0"; fi
 xxd -p </dev/null || die 'Missing xxd command\n'
 
 case $(openssl version -v) in
-"OpenSSL 3.5".*) : ;;
+"OpenSSL 3".[56].*) : ;;
 *) die 'Unsupported OpenSSL version\n';;
 esac
 
@@ -55,7 +55,7 @@ check_keys() {
             fi;;
         ta) openssl x509 -in "$obj" -pubkey -noout |
                 openssl pkey -pubin -pubout -outform DER -out "$pubout" &&
-            openssl verify -verify_depth 0 -trusted "$obj" "$obj" >/dev/null &&
+            openssl verify -verify_depth 0 -check_ss_sig -trusted "$obj" "$obj" >/dev/null &&
             ta_file="$obj" &&
             dgst=$(openssl dgst -sha256 -binary < "$pubout" | xxd -p -c32) &&
             pubs=("${pubs[@]}" "$dgst") &&
@@ -68,10 +68,10 @@ check_keys() {
             pubs=("${pubs[@]}" "$dgst") &&
             printf "%s,%s,%s\n" "${oid}" "cert" "Y" ||
             printf "%s,%s,%s\n" "${oid}" "cert" "N";;
-        *)  openssl pkey -in "$obj" -pubout -outform DER -out "$pubout" &&
+        *)  openssl pkey -inform DER -in "$obj" -pubout -outform DER -out "$pubout" &&
             if [[ -n "$sigfile" ]]; then
-                openssl pkeyutl -sign -rawin -inkey "$obj" -in "$ptext" -out "$sigfile" &&
-                openssl pkeyutl -verify -rawin -in "$ptext" -pubin -inkey "$pubout" \
+                openssl pkeyutl -sign -rawin -keyform DER -inkey "$obj" -in "$ptext" -out "$sigfile" &&
+                openssl pkeyutl -verify -rawin -in "$ptext" -keyform DER -pubin -inkey "$pubout" \
                     -sigfile "$sigfile" >/dev/null
             elif [[ -n "$ct_file" && -n "$ss_file" ]]; then
                 cmp -s "$ss_file" <(
diff --git a/providers/ossl35/compatMatrices/artifacts_certs_r5/bc_ossl35.csv b/providers/ossl35/compatMatrices/artifacts_certs_r5/bc_ossl35.csv
@@ -0,0 +1,61 @@
+key_algorithm_oid,type,test_result
+2.16.840.1.101.3.4.3.21,priv,Y
+2.16.840.1.101.3.4.3.21,cert,Y
+2.16.840.1.101.3.4.3.21,consistent,Y
+2.16.840.1.101.3.4.3.20,priv,Y
+2.16.840.1.101.3.4.3.20,cert,Y
+2.16.840.1.101.3.4.3.20,consistent,Y
+2.16.840.1.101.3.4.3.27,priv,Y
+2.16.840.1.101.3.4.3.27,cert,Y
+2.16.840.1.101.3.4.3.27,consistent,Y
+2.16.840.1.101.3.4.3.26,priv,Y
+2.16.840.1.101.3.4.3.26,cert,Y
+2.16.840.1.101.3.4.3.26,consistent,Y
+2.16.840.1.101.3.4.3.17,seed,Y
+2.16.840.1.101.3.4.3.17,expandedkey,Y
+2.16.840.1.101.3.4.3.17,cert,Y
+2.16.840.1.101.3.4.3.17,consistent,Y
+2.16.840.1.101.3.4.4.1,seed,Y
+2.16.840.1.101.3.4.4.1,expandedkey,Y
+2.16.840.1.101.3.4.4.1,cert,Y
+2.16.840.1.101.3.4.4.1,consistent,Y
+2.16.840.1.101.3.4.3.23,priv,Y
+2.16.840.1.101.3.4.3.23,cert,Y
+2.16.840.1.101.3.4.3.23,consistent,Y
+2.16.840.1.101.3.4.3.22,priv,Y
+2.16.840.1.101.3.4.3.22,cert,Y
+2.16.840.1.101.3.4.3.22,consistent,Y
+2.16.840.1.101.3.4.3.29,priv,Y
+2.16.840.1.101.3.4.3.29,cert,Y
+2.16.840.1.101.3.4.3.29,consistent,Y
+2.16.840.1.101.3.4.3.28,priv,Y
+2.16.840.1.101.3.4.3.28,cert,Y
+2.16.840.1.101.3.4.3.28,consistent,Y
+2.16.840.1.101.3.4.3.18,seed,Y
+2.16.840.1.101.3.4.3.18,expandedkey,Y
+2.16.840.1.101.3.4.3.18,cert,Y
+2.16.840.1.101.3.4.3.18,consistent,Y
+2.16.840.1.101.3.4.4.2,seed,Y
+2.16.840.1.101.3.4.4.2,expandedkey,Y
+2.16.840.1.101.3.4.4.2,cert,Y
+2.16.840.1.101.3.4.4.2,consistent,Y
+2.16.840.1.101.3.4.3.25,priv,Y
+2.16.840.1.101.3.4.3.25,cert,Y
+2.16.840.1.101.3.4.3.25,consistent,Y
+2.16.840.1.101.3.4.3.24,priv,Y
+2.16.840.1.101.3.4.3.24,cert,Y
+2.16.840.1.101.3.4.3.24,consistent,Y
+2.16.840.1.101.3.4.3.31,priv,Y
+2.16.840.1.101.3.4.3.31,cert,Y
+2.16.840.1.101.3.4.3.31,consistent,Y
+2.16.840.1.101.3.4.3.30,priv,Y
+2.16.840.1.101.3.4.3.30,cert,Y
+2.16.840.1.101.3.4.3.30,consistent,Y
+2.16.840.1.101.3.4.3.19,seed,Y
+2.16.840.1.101.3.4.3.19,expandedkey,Y
+2.16.840.1.101.3.4.3.19,cert,Y
+2.16.840.1.101.3.4.3.19,consistent,Y
+2.16.840.1.101.3.4.4.3,seed,Y
+2.16.840.1.101.3.4.4.3,expandedkey,Y
+2.16.840.1.101.3.4.4.3,cert,Y
+2.16.840.1.101.3.4.4.3,consistent,Y
diff --git a/providers/ossl35/compatMatrices/artifacts_certs_r5/carl-redhound_ossl35.csv b/providers/ossl35/compatMatrices/artifacts_certs_r5/carl-redhound_ossl35.csv
@@ -0,0 +1,52 @@
+key_algorithm_oid,type,test_result
+2.16.840.1.101.3.4.3.21,priv,Y
+2.16.840.1.101.3.4.3.21,cert,Y
+2.16.840.1.101.3.4.3.21,consistent,Y
+2.16.840.1.101.3.4.3.20,priv,Y
+2.16.840.1.101.3.4.3.20,cert,Y
+2.16.840.1.101.3.4.3.20,consistent,Y
+2.16.840.1.101.3.4.3.27,priv,Y
+2.16.840.1.101.3.4.3.27,cert,Y
+2.16.840.1.101.3.4.3.27,consistent,Y
+2.16.840.1.101.3.4.3.26,priv,Y
+2.16.840.1.101.3.4.3.26,cert,Y
+2.16.840.1.101.3.4.3.26,consistent,Y
+2.16.840.1.101.3.4.3.17,seed,Y
+2.16.840.1.101.3.4.3.17,expandedkey,Y
+2.16.840.1.101.3.4.3.17,both,Y
+2.16.840.1.101.3.4.3.17,cert,Y
+2.16.840.1.101.3.4.3.17,consistent,Y
+2.16.840.1.101.3.4.3.23,priv,Y
+2.16.840.1.101.3.4.3.23,cert,Y
+2.16.840.1.101.3.4.3.23,consistent,Y
+2.16.840.1.101.3.4.3.22,priv,Y
+2.16.840.1.101.3.4.3.22,cert,Y
+2.16.840.1.101.3.4.3.22,consistent,Y
+2.16.840.1.101.3.4.3.29,priv,Y
+2.16.840.1.101.3.4.3.29,cert,Y
+2.16.840.1.101.3.4.3.29,consistent,Y
+2.16.840.1.101.3.4.3.28,priv,Y
+2.16.840.1.101.3.4.3.28,cert,Y
+2.16.840.1.101.3.4.3.28,consistent,Y
+2.16.840.1.101.3.4.3.18,seed,Y
+2.16.840.1.101.3.4.3.18,expandedkey,Y
+2.16.840.1.101.3.4.3.18,both,Y
+2.16.840.1.101.3.4.3.18,cert,Y
+2.16.840.1.101.3.4.3.18,consistent,Y
+2.16.840.1.101.3.4.3.25,priv,Y
+2.16.840.1.101.3.4.3.25,cert,Y
+2.16.840.1.101.3.4.3.25,consistent,Y
+2.16.840.1.101.3.4.3.24,priv,Y
+2.16.840.1.101.3.4.3.24,cert,Y
+2.16.840.1.101.3.4.3.24,consistent,Y
+2.16.840.1.101.3.4.3.31,priv,Y
+2.16.840.1.101.3.4.3.31,cert,Y
+2.16.840.1.101.3.4.3.31,consistent,Y
+2.16.840.1.101.3.4.3.30,priv,Y
+2.16.840.1.101.3.4.3.30,cert,Y
+2.16.840.1.101.3.4.3.30,consistent,Y
+2.16.840.1.101.3.4.3.19,seed,Y
+2.16.840.1.101.3.4.3.19,expandedkey,Y
+2.16.840.1.101.3.4.3.19,both,Y
+2.16.840.1.101.3.4.3.19,cert,Y
+2.16.840.1.101.3.4.3.19,consistent,Y
diff --git a/providers/ossl35/compatMatrices/artifacts_certs_r5/corey-digicert_ossl35.csv b/providers/ossl35/compatMatrices/artifacts_certs_r5/corey-digicert_ossl35.csv
@@ -0,0 +1,15 @@
+2.16.840.1.101.3.4.3.17,seed,Y
+2.16.840.1.101.3.4.3.17,expandedkey,Y
+2.16.840.1.101.3.4.3.17,both,Y
+2.16.840.1.101.3.4.3.17,cert,Y
+2.16.840.1.101.3.4.3.17,consistent,Y
+2.16.840.1.101.3.4.3.18,seed,Y
+2.16.840.1.101.3.4.3.18,expandedkey,Y
+2.16.840.1.101.3.4.3.18,both,Y
+2.16.840.1.101.3.4.3.18,cert,Y
+2.16.840.1.101.3.4.3.18,consistent,Y
+2.16.840.1.101.3.4.3.19,seed,Y
+2.16.840.1.101.3.4.3.19,expandedkey,Y
+2.16.840.1.101.3.4.3.19,both,Y
+2.16.840.1.101.3.4.3.19,cert,Y
+2.16.840.1.101.3.4.3.19,consistent,Y
diff --git a/providers/ossl35/compatMatrices/artifacts_certs_r5/crypto4a_ossl35.csv b/providers/ossl35/compatMatrices/artifacts_certs_r5/crypto4a_ossl35.csv
@@ -0,0 +1,9 @@
+2.16.840.1.101.3.4.3.17,both,Y
+2.16.840.1.101.3.4.3.17,cert,Y
+2.16.840.1.101.3.4.3.17,consistent,Y
+2.16.840.1.101.3.4.3.18,both,Y
+2.16.840.1.101.3.4.3.18,cert,Y
+2.16.840.1.101.3.4.3.18,consistent,Y
+2.16.840.1.101.3.4.3.19,both,Y
+2.16.840.1.101.3.4.3.19,cert,Y
+2.16.840.1.101.3.4.3.19,consistent,Y
diff --git a/providers/ossl35/compatMatrices/artifacts_certs_r5/cryptonext_ossl35.csv b/providers/ossl35/compatMatrices/artifacts_certs_r5/cryptonext_ossl35.csv
@@ -0,0 +1,67 @@
+key_algorithm_oid,type,test_result
+2.16.840.1.101.3.4.3.21,priv,Y
+2.16.840.1.101.3.4.3.21,cert,Y
+2.16.840.1.101.3.4.3.21,consistent,Y
+2.16.840.1.101.3.4.3.20,priv,Y
+2.16.840.1.101.3.4.3.20,cert,Y
+2.16.840.1.101.3.4.3.20,consistent,Y
+2.16.840.1.101.3.4.3.27,priv,Y
+2.16.840.1.101.3.4.3.27,cert,Y
+2.16.840.1.101.3.4.3.27,consistent,Y
+2.16.840.1.101.3.4.3.26,priv,Y
+2.16.840.1.101.3.4.3.26,cert,Y
+2.16.840.1.101.3.4.3.26,consistent,Y
+2.16.840.1.101.3.4.3.17,seed,Y
+2.16.840.1.101.3.4.3.17,expandedkey,Y
+2.16.840.1.101.3.4.3.17,both,Y
+2.16.840.1.101.3.4.3.17,cert,Y
+2.16.840.1.101.3.4.3.17,consistent,Y
+2.16.840.1.101.3.4.4.1,seed,Y
+2.16.840.1.101.3.4.4.1,expandedkey,Y
+2.16.840.1.101.3.4.4.1,both,Y
+2.16.840.1.101.3.4.4.1,cert,Y
+2.16.840.1.101.3.4.4.1,consistent,Y
+2.16.840.1.101.3.4.3.23,priv,Y
+2.16.840.1.101.3.4.3.23,cert,Y
+2.16.840.1.101.3.4.3.23,consistent,Y
+2.16.840.1.101.3.4.3.22,priv,Y
+2.16.840.1.101.3.4.3.22,cert,Y
+2.16.840.1.101.3.4.3.22,consistent,Y
+2.16.840.1.101.3.4.3.29,priv,Y
+2.16.840.1.101.3.4.3.29,cert,Y
+2.16.840.1.101.3.4.3.29,consistent,Y
+2.16.840.1.101.3.4.3.28,priv,Y
+2.16.840.1.101.3.4.3.28,cert,Y
+2.16.840.1.101.3.4.3.28,consistent,Y
+2.16.840.1.101.3.4.3.18,seed,Y
+2.16.840.1.101.3.4.3.18,expandedkey,Y
+2.16.840.1.101.3.4.3.18,both,Y
+2.16.840.1.101.3.4.3.18,cert,Y
+2.16.840.1.101.3.4.3.18,consistent,Y
+2.16.840.1.101.3.4.4.2,seed,Y
+2.16.840.1.101.3.4.4.2,expandedkey,Y
+2.16.840.1.101.3.4.4.2,both,Y
+2.16.840.1.101.3.4.4.2,cert,Y
+2.16.840.1.101.3.4.4.2,consistent,Y
+2.16.840.1.101.3.4.3.25,priv,Y
+2.16.840.1.101.3.4.3.25,cert,Y
+2.16.840.1.101.3.4.3.25,consistent,Y
+2.16.840.1.101.3.4.3.24,priv,Y
+2.16.840.1.101.3.4.3.24,cert,Y
+2.16.840.1.101.3.4.3.24,consistent,Y
+2.16.840.1.101.3.4.3.31,priv,Y
+2.16.840.1.101.3.4.3.31,cert,Y
+2.16.840.1.101.3.4.3.31,consistent,Y
+2.16.840.1.101.3.4.3.30,priv,Y
+2.16.840.1.101.3.4.3.30,cert,Y
+2.16.840.1.101.3.4.3.30,consistent,Y
+2.16.840.1.101.3.4.3.19,seed,Y
+2.16.840.1.101.3.4.3.19,expandedkey,Y
+2.16.840.1.101.3.4.3.19,both,Y
+2.16.840.1.101.3.4.3.19,cert,Y
+2.16.840.1.101.3.4.3.19,consistent,Y
+2.16.840.1.101.3.4.4.3,seed,Y
+2.16.840.1.101.3.4.4.3,expandedkey,Y
+2.16.840.1.101.3.4.4.3,both,Y
+2.16.840.1.101.3.4.4.3,cert,Y
+2.16.840.1.101.3.4.4.3,consistent,Y
diff --git a/providers/ossl35/compatMatrices/artifacts_certs_r5/entrust_ossl35.csv b/providers/ossl35/compatMatrices/artifacts_certs_r5/entrust_ossl35.csv
@@ -0,0 +1,5 @@
+2.16.840.1.101.3.4.3.17,expandedkey,N
+2.16.840.1.101.3.4.3.17,cert,Y
+2.16.840.1.101.3.4.3.18,expandedkey,N
+2.16.840.1.101.3.4.3.18,cert,Y
+2.16.840.1.101.3.4.3.19,cert,Y
diff --git a/providers/ossl35/compatMatrices/artifacts_cms_v3/cryptonext_ossl35.csv b/providers/ossl35/compatMatrices/artifacts_cms_v3/cryptonext_ossl35.csv
@@ -0,0 +1,16 @@
+key_algorithm_oid,test_result
+2.16.840.1.101.3.4.3.17,Y
+2.16.840.1.101.3.4.3.21,Y
+2.16.840.1.101.3.4.3.20,Y
+2.16.840.1.101.3.4.3.27,N
+2.16.840.1.101.3.4.3.26,N
+2.16.840.1.101.3.4.3.18,Y
+2.16.840.1.101.3.4.3.23,Y
+2.16.840.1.101.3.4.3.22,Y
+2.16.840.1.101.3.4.3.29,Y
+2.16.840.1.101.3.4.3.28,Y
+2.16.840.1.101.3.4.3.19,Y
+2.16.840.1.101.3.4.3.25,Y
+2.16.840.1.101.3.4.3.24,Y
+2.16.840.1.101.3.4.3.31,N
+2.16.840.1.101.3.4.3.30,N
