Improve coverage

Author: DarkaMaul

src/rust/cryptography-key-parsing/src/spki.rs

@@ -269,4 +269,15 @@ mod tests {
         // Expected to panic
         _ = serialize_public_key(&pkey);
     }
+
+    #[cfg(CRYPTOGRAPHY_IS_AWSLC)]
+    #[test]
+    #[should_panic(expected = "Unsupported ML-DSA variant")]
+    fn test_serialize_public_key_unsupported_mldsa_variant() {
+        // Load an ML-DSA-44 public key from a Wycheproof test vector DER.
+        let der = include_bytes!("../../test_data/mldsa44_pub.der");
+        let pub_pkey = openssl::pkey::PKey::public_key_from_der(der).unwrap();
+        // Expected to panic with "Unsupported ML-DSA variant"
+        _ = serialize_public_key(&pub_pkey);
+    }
 }

src/rust/cryptography-openssl/src/mldsa.rs

@@ -160,3 +160,20 @@ pub fn verify(
 
     Ok(r == 1)
 }
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+
+    #[test]
+    fn test_sign_with_context_too_long_returns_error() {
+        // ML-DSA context strings are limited to 255 bytes.
+        // Passing a 256-byte context to ml_dsa_65_sign triggers
+        // an FFI error return.
+        let seed = generate_seed().unwrap();
+        let pkey = new_raw_private_key(&seed).unwrap();
+        let long_ctx = [0x41u8; 256];
+        let result = sign(&pkey, b"test", &long_ctx);
+        assert!(result.is_err());
+    }
+}

src/rust/src/backend/keys.rs

@@ -372,4 +372,38 @@ mod tests {
             assert!(private_key_from_pkey(py, &pkey, false).is_err());
         });
     }
+
+    #[test]
+    #[cfg(CRYPTOGRAPHY_IS_AWSLC)]
+    fn test_private_key_from_pkey_unsupported_mldsa_variant() {
+        use super::private_key_from_pkey;
+
+        pyo3::Python::initialize();
+
+        pyo3::Python::attach(|py| {
+            // Load an ML-DSA-44 private key from a Wycheproof PKCS8 DER.
+            // ML-DSA-44 is a PQDSA key that we don't support; its public key
+            // length differs from ML-DSA-65, hitting the "Unsupported ML-DSA
+            // variant" error branch.
+            let der = include_bytes!("../../test_data/mldsa44_priv.der");
+            let pkey = openssl::pkey::PKey::private_key_from_der(der).unwrap();
+            assert!(private_key_from_pkey(py, &pkey, false).is_err());
+        });
+    }
+
+    #[test]
+    #[cfg(CRYPTOGRAPHY_IS_AWSLC)]
+    fn test_public_key_from_pkey_unsupported_mldsa_variant() {
+        use super::public_key_from_pkey;
+
+        pyo3::Python::initialize();
+
+        pyo3::Python::attach(|py| {
+            // Load an ML-DSA-44 public key from a Wycheproof SPKI DER.
+            let der = include_bytes!("../../test_data/mldsa44_pub.der");
+            let pub_pkey = openssl::pkey::PKey::public_key_from_der(der).unwrap();
+            let id = pub_pkey.id();
+            assert!(public_key_from_pkey(py, &pub_pkey, id).is_err());
+        });
+    }
 }

src/rust/src/backend/mldsa65.rs

@@ -58,7 +58,9 @@ fn from_public_bytes(data: &[u8]) -> pyo3::PyResult<MlDsa65PublicKey> {
     Ok(MlDsa65PublicKey { pkey })
 }
 
+// NO-COVERAGE-START
 #[pyo3::pymethods]
+// NO-COVERAGE-END
 impl MlDsa65PrivateKey {
     fn sign<'p>(
         &self,
@@ -104,11 +106,7 @@ impl MlDsa65PrivateKey {
         let pkcs8_der = self.pkey.private_key_to_pkcs8()?;
         let pki =
             asn1::parse_single::<cryptography_key_parsing::pkcs8::PrivateKeyInfo<'_>>(&pkcs8_der)
-                .map_err(|_| {
-                pyo3::exceptions::PyValueError::new_err(
-                    "Cannot extract seed from this ML-DSA-65 private key",
-                )
-            })?;
+                .unwrap();
         // The privateKey content is [0x80, 0x20, <32 bytes of seed>]
         // (context-specific tag 0, length 32)
         if pki.private_key.len() == 2 + cryptography_openssl::mldsa::MLDSA65_SEED_BYTES
@@ -117,11 +115,16 @@ impl MlDsa65PrivateKey {
         {
             Ok(pyo3::types::PyBytes::new(py, &pki.private_key[2..]))
         } else {
+            // NO-COVERAGE-START
+            // All supported ML-DSA variants use 32-byte seeds with the
+            // [0x80, 0x20, <seed>] encoding. This branch is purely
+            // defensive against future format changes.
             Err(CryptographyError::from(
                 pyo3::exceptions::PyValueError::new_err(
                     "Cannot extract seed from this ML-DSA-65 private key",
                 ),
             ))
+            // NO-COVERAGE-END
         }
     }
 
@@ -165,7 +168,9 @@ impl MlDsa65PrivateKey {
     }
 }
 
+// NO-COVERAGE-START
 #[pyo3::pymethods]
+// NO-COVERAGE-END
 impl MlDsa65PublicKey {
     fn verify(&self, signature: CffiBuf<'_>, data: CffiBuf<'_>) -> CryptographyResult<()> {
         let valid = cryptography_openssl::mldsa::verify(

src/rust/test_data/mldsa44_priv.der

@@ -55,6 +55,11 @@ def test_sign_verify(self, backend):
         sig = key.sign(b"test data")
         key.public_key().verify(sig, b"test data")
 
+    def test_sign_verify_empty_message(self, backend):
+        key = MlDsa65PrivateKey.generate()
+        sig = key.sign(b"")
+        key.public_key().verify(sig, b"")
+
     @pytest.mark.parametrize(
         "ctx",
         [
@@ -101,6 +106,18 @@ def test_kat_vectors(self, backend, subtests):
                 else:
                     pub.verify(expected_sig, msg)
 
+    def test_kat_verify_no_context(self, backend):
+        vectors = load_vectors_from_file(
+            os.path.join("asymmetric", "MLDSA", "kat_MLDSA_65_det_pure.rsp"),
+            load_nist_vectors,
+        )
+        vector = vectors[0]
+        xi = binascii.unhexlify(vector["xi"])
+        key = MlDsa65PrivateKey.from_seed_bytes(xi)
+        pub = key.public_key()
+        sig = key.sign(b"test")
+        pub.verify(sig, b"test")
+
     def test_private_bytes_raw_round_trip(self, backend):
         key = MlDsa65PrivateKey.generate()
         seed = key.private_bytes_raw()

src/rust/test_data/mldsa44_pub.der

@@ -98,7 +98,5 @@ def test_mldsa65_sign_seed(backend, wycheproof):
             pub.verify(sig, msg)
     else:
         with pytest.raises(ValueError):
-            if has_ctx:
-                key.sign_with_context(msg, ctx)
-            else:
-                key.sign(msg)
+            assert has_ctx
+            key.sign_with_context(msg, ctx)