Add ML-DSA SPKI/PKCS#8 DER support to d2i_PUBKEY and d2i_PrivateKey.

Author: cconlon

certs/mldsa/README.txt

@@ -0,0 +1,20 @@
+ML-DSA (FIPS 204) test key material for wolfSSL tests.
+
+File variants, per level N in {44, 65, 87}:
+  mldsa<N>_bare-seed.der    raw 32-byte seed
+  mldsa<N>_seed-only.der    PKCS#8 with seed-only private key
+  mldsa<N>_bare-priv.der    raw expanded private key
+  mldsa<N>_priv-only.der    PKCS#8 with expanded-only private key
+  mldsa<N>_seed-priv.der    PKCS#8 with seed-and-expanded private key
+  mldsa<N>_oqskeypair.der   liboqs concatenated (priv || pub) format
+  mldsa<N>_pub-spki.der     SubjectPublicKeyInfo wrapping the public key
+
+The *_pub-spki.der files were derived from the matching *_priv-only.der files
+using OpenSSL 3.5+:
+
+  openssl pkey -inform DER -in mldsa<N>_priv-only.der \
+      -pubout -outform DER -out mldsa<N>_pub-spki.der
+
+Regenerating the private-key variants requires producing each of the
+PKCS#8 shape options explicitly; OpenSSL's default output is the
+seed-and-expanded form.

certs/mldsa/include.am

@@ -3,20 +3,24 @@
 #
 
 EXTRA_DIST += \
+		 certs/mldsa/README.txt \
 		 certs/mldsa/mldsa44_seed-only.der \
 		 certs/mldsa/mldsa44_priv-only.der \
+		 certs/mldsa/mldsa44_pub-spki.der \
 		 certs/mldsa/mldsa44_seed-priv.der \
 		 certs/mldsa/mldsa44_oqskeypair.der \
 		 certs/mldsa/mldsa44_bare-seed.der \
 		 certs/mldsa/mldsa44_bare-priv.der \
 		 certs/mldsa/mldsa65_seed-only.der \
 		 certs/mldsa/mldsa65_priv-only.der \
+		 certs/mldsa/mldsa65_pub-spki.der \
 		 certs/mldsa/mldsa65_seed-priv.der \
 		 certs/mldsa/mldsa65_oqskeypair.der \
 		 certs/mldsa/mldsa65_bare-seed.der \
 		 certs/mldsa/mldsa65_bare-priv.der \
 		 certs/mldsa/mldsa87_seed-only.der \
 		 certs/mldsa/mldsa87_priv-only.der \
+		 certs/mldsa/mldsa87_pub-spki.der \
 		 certs/mldsa/mldsa87_seed-priv.der \
 		 certs/mldsa/mldsa87_oqskeypair.der \
 		 certs/mldsa/mldsa87_bare-seed.der \

certs/mldsa/mldsa44_pub-spki.der

@@ -2094,6 +2094,51 @@
 
 ";
 
+# ML-DSA test key material encoded per the IETF LAMPS WG profile:
+# SubjectPublicKeyInfo for public keys, PKCS#8 PrivateKeyInfo for
+# private keys, using the NIST id-ml-dsa-N OIDs.
+print OUT_FILE "#if defined(HAVE_DILITHIUM)\n\n";
+
+for my $L ( [44,"WOLFSSL_NO_ML_DSA_44"],
+            [65,"WOLFSSL_NO_ML_DSA_65"],
+            [87,"WOLFSSL_NO_ML_DSA_87"] ) {
+    my ($n, $noLevel) = @$L;
+
+    print OUT_FILE "#if !defined($noLevel)\n\n";
+
+    print OUT_FILE "#ifndef WOLFSSL_DILITHIUM_NO_VERIFY\n";
+    print OUT_FILE "/* ./certs/mldsa/mldsa${n}_pub-spki.der */\n";
+    print OUT_FILE "static const unsigned char mldsa${n}_pub_spki[] =\n{\n";
+    file_to_hex("./certs/mldsa/mldsa${n}_pub-spki.der");
+    print OUT_FILE "};\n";
+    print OUT_FILE "#define sizeof_mldsa${n}_pub_spki (sizeof(mldsa${n}_pub_spki))\n";
+    print OUT_FILE "#endif /* !WOLFSSL_DILITHIUM_NO_VERIFY */\n\n";
+
+    print OUT_FILE "#ifndef WOLFSSL_DILITHIUM_NO_SIGN\n";
+    print OUT_FILE "/* ./certs/mldsa/mldsa${n}_priv-only.der */\n";
+    print OUT_FILE "static const unsigned char mldsa${n}_priv_only[] =\n{\n";
+    file_to_hex("./certs/mldsa/mldsa${n}_priv-only.der");
+    print OUT_FILE "};\n";
+    print OUT_FILE "#define sizeof_mldsa${n}_priv_only (sizeof(mldsa${n}_priv_only))\n";
+
+    print OUT_FILE "/* ./certs/mldsa/mldsa${n}_seed-priv.der */\n";
+    print OUT_FILE "static const unsigned char mldsa${n}_seed_priv[] =\n{\n";
+    file_to_hex("./certs/mldsa/mldsa${n}_seed-priv.der");
+    print OUT_FILE "};\n";
+    print OUT_FILE "#define sizeof_mldsa${n}_seed_priv (sizeof(mldsa${n}_seed_priv))\n";
+
+    print OUT_FILE "/* ./certs/mldsa/mldsa${n}_seed-only.der */\n";
+    print OUT_FILE "static const unsigned char mldsa${n}_seed_only[] =\n{\n";
+    file_to_hex("./certs/mldsa/mldsa${n}_seed-only.der");
+    print OUT_FILE "};\n";
+    print OUT_FILE "#define sizeof_mldsa${n}_seed_only (sizeof(mldsa${n}_seed_only))\n";
+    print OUT_FILE "#endif /* !WOLFSSL_DILITHIUM_NO_SIGN */\n\n";
+
+    print OUT_FILE "#endif /* !$noLevel */\n\n";
+}
+
+print OUT_FILE "#endif /* HAVE_DILITHIUM */\n\n";
+
 # convert and print 256-bit cert/keys
 print OUT_FILE "#if defined(HAVE_ECC) && defined(USE_CERT_BUFFERS_256)\n\n";
 for (my $i = 0; $i < $num_ecc; $i++) {