Printing a Dilithium3 key file results in an incomplete output, omitting the last 4 bytes of the keys. #267

Closed
AlexeyMavrin opened this issue Sep 30, 2023 · 1 comment · Fixed by #268
Labels
bug Something isn't working

Comments

@AlexeyMavrin

When printing out the Dilithium3 key file using the openssl pkey -text -in sample.key command, the output text omits the last 4 bytes from both private and public keys. These bytes are valid and should be printed. The following reproduction steps will show the presence of the missing bytes in the DER key file.

Note that a Dilithium3 key file contains both public and private keys, and so the pkey -text command fails to print the last 4 bytes for both.

To Reproduce

# Generate cert and key.
openssl req -x509 -new -newkey dilithium3 -keyout sample.key -out sample.crt -nodes -subj "/CN=sample"
# The output from this command is missing the last 4 bytes from both the public key and secret key, totaling 8 bytes.
openssl pkey -text -in sample.key
# Convert the key file to DER.
openssl pkey -in sample.key -outform DER -out sample.key.der
# Print the DER file.
xxd -i sample.key.der

Expected behavior

Below is the end of the sample output from the openssl pkey -text -in sample.key command:

...
    53:a3:bf:dd:bd:4a:4d:ad:8b:43:7c:a2:1b:7f:51:
    db:19:69:45:2c:5d:cd:12:d9:a8:a4:3c:61:42:c7:
    84:6c:b1:fa:5f:0a:7c:34:f1:45:84:81:d2

Compare it to the sample.key.der:

...                                         0x53, 0xa3, 0xbf, 0xdd, 0xbd,
  0x4a, 0x4d, 0xad, 0x8b, 0x43, 0x7c, 0xa2, 0x1b, 0x7f, 0x51, 0xdb, 0x19,
  0x69, 0x45, 0x2c, 0x5d, 0xcd, 0x12, 0xd9, 0xa8, 0xa4, 0x3c, 0x61, 0x42,
  0xc7, 0x84, 0x6c, 0xb1, 0xfa, 0x5f, 0x0a, 0x7c, 0x34, 0xf1, 0x45, 0x84,
  0x81, 0xd2, 0xd5, 0x36, 0x09, 0xf8
...

Note the last missing bytes: 0xd5, 0x36, 0x09, 0xf8. So expecting the following output:

...
    53:a3:bf:dd:bd:4a:4d:ad:8b:43:7c:a2:1b:7f:51:
    db:19:69:45:2c:5d:cd:12:d9:a8:a4:3c:61:42:c7:
    84:6c:b1:fa:5f:0a:7c:34:f1:45:84:81:d2:d5:36:09:f8

The same issue occurs for the other key in this file.

Environment:

  • OS: MacOS 10.15.7
➜ openssl version
OpenSSL 3.1.2 1 Aug 2023 (Library: OpenSSL 3.1.2 1 Aug 2023)
➜ openssl list -providers
Providers:
  default
    name: OpenSSL Default Provider
    version: 3.1.2
    status: active
  oqsprovider
    name: OpenSSL OQS Provider
    version: 0.5.2-dev
    status: active
@baentsch
Member

Thanks for this bug report, @AlexeyMavrin. Indeed, there's an obvious logical mistake in our "text key printout" logic for plain PQ keys. #268 should fix this: I'd be glad if you could check whether this correctly fixes the issue for you (either on the PR branch or after this has landed in "main" branch). Thanks in advance for this check.
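The manual comparison in the reproduction steps (text printout against the DER bytes) can be scripted to confirm whether a build still truncates. The Python below is an added example, not code from this issue or from oqsprovider; the labels `key A` / `key B`, the 4-byte header and the sample key bytes are constructed, and it assumes each printed block occurs contiguously in the DER file with the key blobs stored back to back.

```python
import re

# A hex-dump line as printed by `openssl pkey -text`: indented, colon-separated bytes.
HEX_LINE = re.compile(r"^\s+(?:[0-9a-fA-F]{2}:)*[0-9a-fA-F]{2}:?\s*$")

def printed_blocks(text):
    """Split the text printout into (label, bytes) pairs, one per hex-dump block."""
    blocks, label, buf = [], None, bytearray()
    for line in text.splitlines():
        if HEX_LINE.match(line):
            buf += bytes.fromhex(line.replace(":", ""))
            continue
        if buf:                                   # a non-hex line ends the block
            blocks.append((label, bytes(buf)))
            buf = bytearray()
        if line.strip():
            label = line.strip().rstrip(":")      # header preceding the next block
    if buf:
        blocks.append((label, bytes(buf)))
    return blocks

def missing_tail(text, der):
    """Return [(label, bytes)]: DER bytes that follow each printed block unprinted."""
    found = []
    for label, data in printed_blocks(text):
        start = der.find(data)
        if start < 0:
            raise ValueError(f"printed block {label!r} does not occur in the DER")
        found.append((label, start, start + len(data)))
    # Assumption: a complete block ends where another block starts or the file ends.
    bounds = {start for _, start, _ in found} | {len(der)}
    return [(label, der[end:min(b for b in bounds if b >= end)])
            for label, _, end in found]

# Constructed sample: fake header, then two short stand-in "keys" back to back.
KEY_A = bytes(range(0x10, 0x30))
KEY_B = bytes(range(0x40, 0x58)) + bytes.fromhex("8481d2d53609f8")
SAMPLE_DER = bytes.fromhex("3082ffff") + KEY_A + KEY_B

def dump(label, data, width=15):
    """Render bytes like the printout: 15 per line, trailing ':' on full lines."""
    rows = [data[i:i + width].hex(":") for i in range(0, len(data), width)]
    return label + ":\n" + ":\n".join("    " + r for r in rows) + "\n"

# Printout as the bug produces it: the last 4 bytes of each key are dropped.
BUGGY_TEXT = dump("key A", KEY_A[:-4]) + dump("key B", KEY_B[:-4])

if __name__ == "__main__":
    for label, tail in missing_tail(BUGGY_TEXT, SAMPLE_DER):
        print(label, "missing:", tail.hex(":") or "nothing")
```

To check a real build, pass the output of `openssl pkey -text -in sample.key` as `text` and the contents of `sample.key.der` as `der`; an empty tail for every block means nothing was dropped.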
