randombit
Add support for ML-DSA in TLS
asio tests are failing which is somewhat unexpected, I'll look at this tomorrow
Hi @randombit,
I tried to develop a solution by addressing @reneme's comment explaining the reason for the ASIO test failures. I made the following changes.
Changes: https://github.com/KaganCanSit/botan/commit/0f0afcfebbb8d9b8317a9eef305c3bf3064419ea
#include <algorithm>
Botan::OID cert_oid = i.certs[0].subject_public_key_algo().oid();
bool compatible =
std::ranges::any_of(cert_signature_schemes, [&cert_oid](const Botan::AlgorithmIdentifier& scheme) {
return scheme.oid() == cert_oid || (scheme.parameters_are_null_or_empty() &&
scheme.oid().to_formatted_string().starts_with(cert_oid.to_formatted_string()));
});
if(!compatible) {
continue;
}
Then I performed the following steps.
Compilation:
ninja clean && ./configure.py --without-documentation --with-boost --cc=clang --compiler-cache=ccache --build-targets=static,cli,tests --build-tool=ninja && ninja
Test-1:
./botan-test --test-threads=4 --run-long-tests
Test-2:
python3 src/scripts/test_cli.py ./botan cli_tls_socket_tests
Since I am not fully familiar with the functions here, I made improvements by checking the calls I could make. First, I compared the string components, but then I thought OID could be faster. I may have mistakes, but it can save you time and help you merge this PR content.
If you find it appropriate, I can create a PR or you can include it by cherry-pick.
