lib/crypto/tests/mldsa_kunit.c
Source file repositories/reference/linux-study-clean/lib/crypto/tests/mldsa_kunit.c
File Facts
- System
- Linux kernel
- Corpus path
lib/crypto/tests/mldsa_kunit.c- Extension
.c- Size
- 12151 bytes
- Lines
- 439
- Domain
- Kernel Services
- Bucket
- lib
- Inferred role
- Kernel Services: implementation source
- Status
- source implementation candidate
Why This File Exists
Shared kernel service surface used by multiple subsystems, including helpers, cryptography, virtualization support, and async I/O infrastructure.
- Shared kernel service surface used by multiple subsystems, including helpers, cryptography, virtualization support, and async I/O infrastructure.
- Allocates kernel memory; connect allocation flags and lifetime to context constraints.
- Defines or uses C structs; map object ownership, embedded links, reference counts, and lock ownership.
Dependency Surface
crypto/mldsa.hkunit/test.hlinux/random.hlinux/unaligned.hmldsa-testvecs.h
Detected Declarations
function do_mldsa_and_assert_successfunction mldsa_verifyfunction test_mldsa_bad_hintsfunction test_mldsa_mutationfunction test_mldsafunction test_mldsa44function test_mldsa65function test_mldsa87function modfunction symmetric_modfunction decompose_reffunction use_hint_reffunction test_mldsa_use_hintfunction benchmark_mldsafunction benchmark_mldsa44function benchmark_mldsa65function benchmark_mldsa87
Annotated Snippet
// SPDX-License-Identifier: GPL-2.0-or-later
/*
* KUnit tests and benchmark for ML-DSA
*
* Copyright 2025 Google LLC
*/
#include <crypto/mldsa.h>
#include <kunit/test.h>
#include <linux/random.h>
#include <linux/unaligned.h>
#define Q 8380417 /* The prime q = 2^23 - 2^13 + 1 */
/* ML-DSA parameters that the tests use */
static const struct {
int sig_len;
int pk_len;
int k;
int lambda;
int gamma1;
int beta;
int omega;
} params[] = {
[MLDSA44] = {
.sig_len = MLDSA44_SIGNATURE_SIZE,
.pk_len = MLDSA44_PUBLIC_KEY_SIZE,
.k = 4,
.lambda = 128,
.gamma1 = 1 << 17,
.beta = 78,
.omega = 80,
},
[MLDSA65] = {
.sig_len = MLDSA65_SIGNATURE_SIZE,
.pk_len = MLDSA65_PUBLIC_KEY_SIZE,
.k = 6,
.lambda = 192,
.gamma1 = 1 << 19,
.beta = 196,
.omega = 55,
},
[MLDSA87] = {
.sig_len = MLDSA87_SIGNATURE_SIZE,
.pk_len = MLDSA87_PUBLIC_KEY_SIZE,
.k = 8,
.lambda = 256,
.gamma1 = 1 << 19,
.beta = 120,
.omega = 75,
},
};
#include "mldsa-testvecs.h"
static void do_mldsa_and_assert_success(struct kunit *test,
const struct mldsa_testvector *tv)
{
int err = mldsa_verify(tv->alg, tv->sig, tv->sig_len, tv->msg,
tv->msg_len, tv->pk, tv->pk_len);
KUNIT_ASSERT_EQ(test, err, 0);
}
static u8 *kunit_kmemdup_or_fail(struct kunit *test, const u8 *src, size_t len)
{
u8 *dst = kunit_kmalloc(test, len, GFP_KERNEL);
KUNIT_ASSERT_NOT_NULL(test, dst);
return memcpy(dst, src, len);
}
/*
* Test that changing coefficients in a valid signature's z vector results in
* the following behavior from mldsa_verify():
*
* * -EBADMSG if a coefficient is changed to have an out-of-range value, i.e.
* absolute value >= gamma1 - beta, corresponding to the verifier detecting
* the out-of-range coefficient and rejecting the signature as malformed
*
* * -EKEYREJECTED if a coefficient is changed to a different in-range value,
* i.e. absolute value < gamma1 - beta, corresponding to the verifier
* continuing to the "real" signature check and that check failing
*/
static void test_mldsa_z_range(struct kunit *test,
const struct mldsa_testvector *tv)
{
u8 *sig = kunit_kmemdup_or_fail(test, tv->sig, tv->sig_len);
const int lambda = params[tv->alg].lambda;
const s32 gamma1 = params[tv->alg].gamma1;
const int beta = params[tv->alg].beta;
/*
Annotation
- Immediate include surface: `crypto/mldsa.h`, `kunit/test.h`, `linux/random.h`, `linux/unaligned.h`, `mldsa-testvecs.h`.
- Detected declarations: `function do_mldsa_and_assert_success`, `function mldsa_verify`, `function test_mldsa_bad_hints`, `function test_mldsa_mutation`, `function test_mldsa`, `function test_mldsa44`, `function test_mldsa65`, `function test_mldsa87`, `function mod`, `function symmetric_mod`.
- Atlas domain: Kernel Services / lib.
- Implementation status: source implementation candidate.
Implementation Notes
- This generated page is the file-by-file coverage layer; curated subsystem chapters should link here when they synthesize a multi-file control flow.
- Core OS pages should be promoted from atlas-only to deep-reviewed when they explain data structures, invariants, locking, lifecycle, and C implementation snippets.
- Driver-family pages are intentionally pattern-oriented unless they are part of the selected PCIe/NVMe representative device path.