The CMP test suite currently lacks finished coverage for X.509 certificates that use the
NIST-standardized post-quantum algorithms (ML-KEM, ML-DSA, SLH-DSA) with final LAMPS profiles.
This includes issuing, parsing, and validating certificates and PKIMessages that use these algorithms.
Motivation and Context
- The final FIPS releases (203/204/205) are the baseline for PQC adoption in X.509 PKI.
- Several CMP flows rely on correct PQC certificate handling across Robot Framework suites
and Python utilities.
- Aligning with the published LAMPS specifications keeps the suite interoperable with
other PQC-enabled ecosystems.
Desired Support
- Fix references to drafts inside the RF test cases.
- Check if the Robot Framework test cases cover all necessary scenarios and conditions.
- Add the test cases to the
SERVER_PQC_AND_HYBRID_TEST_COVERAGE.md and
SERVER_ALGORITHM_TEST_COVERAGE.md files.
Required Work Items
-
Refresh data/rfc_test_vectors/ to match the finalized RFC artifacts and unit tests, if needed.
-
Validate existing test cases
Validate the existing Robot Framework test cases in tests_pq_and_hybrid/ to ensure they cover:
- Issuance of certificates with ML-KEM, ML-DSA, and SLH-DSA algorithms.
- Parsing and validation of such certificates in various CMP message types
(P10CR, IR, CR, KUR, RR).
-
Add minimal examples
Add minimal examples inside
kem_tests.robot and
pq_sig_tests.robot.
Use a configuration variable to define the default algorithm for all three supported PQC algorithms.
-
Update generation scripts
Update
generate_alg_test_cases.py and
generate_pki_prot_tests.py
to generate verbose test cases for all three algorithms inside:
-
Add verbose parameter-set tests
Add verbose tests for all different parameter sets of ML-KEM, ML-DSA, and SLH-DSA algorithms inside:
-
Run and verify with MockCA
Run the tests against MockCA, fix any issues found during testing, or open a new issue for later resolution.
-
Update the REFERENCES.md to match the final RFCs.
Should be added later
-
Add Certificate Confirmation tests to check the usage of the correct hash algorithm
inside the certConf messages and the correct acceptance with a returned pkiconf message.
To perform this test, the CA must know which signing algorithm should be used,
so for simplicity a new URL endpoint is advised. Unless there is a better solution.
-
There is no official solution, so it is advised to use, for SLH-DSA, the hash algorithm
defined in the CMS RFC. For ML-DSA, it is advised to use SHA-512 as the hash algorithm.
Test Coverage
- Ensure Robot suites under
tests_pq_and_hybrid/ validate both
acceptance and rejection paths for the final PQC certificate standards.
- Update
ALGORITHM_TEST_COVERAGE.md and SERVER_TEST_COVERAGE.md to reflect the new PQC scenarios.
Implementation Notes
- Existing test cases for draft versions of the algorithms should be reviewed and potentially adapted.
- Should wait until all RFCs are published.
References
- FIPS 203 — Module-Lattice-Based Key-Encapsulation Mechanism (ML-KEM).
- FIPS 204 — Module-Lattice-Based Digital Signature Algorithm (ML-DSA).
- FIPS 205 — Stateless Hash-Based Digital Signature Algorithm (SLH-DSA).
- RFC 9814 — Use of the SLH-DSA Signature Algorithm in CMS.
- RFC 9882 — Use of the ML-DSA Signature Algorithm in CMS.
- RFC 9881 — Use of the ML-DSA in X.509.*
- RFC 9909 — Use of the SLH-DSA in X.509..*
Latest LAMPS Drafts
draft-ietf-lamps-kyber-certificates (in RFC Ed Queue)draft-ietf-lamps-cms-kyber: Use of ML-KEM in CMS (RFC Ed Queue)
The CMP test suite currently lacks finished coverage for X.509 certificates that use the
NIST-standardized post-quantum algorithms (ML-KEM, ML-DSA, SLH-DSA) with final LAMPS profiles.
This includes issuing, parsing, and validating certificates and PKIMessages that use these algorithms.
Motivation and Context
and Python utilities.
other PQC-enabled ecosystems.
Desired Support
SERVER_PQC_AND_HYBRID_TEST_COVERAGE.mdandSERVER_ALGORITHM_TEST_COVERAGE.mdfiles.Required Work Items
Refresh
data/rfc_test_vectors/to match the finalized RFC artifacts and unit tests, if needed.Validate existing test cases
Validate the existing Robot Framework test cases in
tests_pq_and_hybrid/to ensure they cover:(
P10CR,IR,CR,KUR,RR).Add minimal examples
Add minimal examples inside
kem_tests.robot and
pq_sig_tests.robot.
Use a configuration variable to define the default algorithm for all three supported PQC algorithms.
Update generation scripts
Update
generate_alg_test_cases.py and
generate_pki_prot_tests.py
to generate verbose test cases for all three algorithms inside:
Add verbose parameter-set tests
Add verbose tests for all different parameter sets of ML-KEM, ML-DSA, and SLH-DSA algorithms inside:
Run and verify with MockCA
Run the tests against MockCA, fix any issues found during testing, or open a new issue for later resolution.
Update the REFERENCES.md to match the final RFCs.
Should be added later
Add Certificate Confirmation tests to check the usage of the correct hash algorithm
inside the
certConfmessages and the correct acceptance with a returnedpkiconfmessage.To perform this test, the CA must know which signing algorithm should be used,
so for simplicity a new URL endpoint is advised. Unless there is a better solution.
There is no official solution, so it is advised to use, for
SLH-DSA, the hash algorithmdefined in the CMS RFC. For
ML-DSA, it is advised to use SHA-512 as the hash algorithm.Test Coverage
tests_pq_and_hybrid/validate bothacceptance and rejection paths for the final PQC certificate standards.
ALGORITHM_TEST_COVERAGE.mdandSERVER_TEST_COVERAGE.mdto reflect the new PQC scenarios.Implementation Notes
References
Latest LAMPS Drafts
draft-ietf-lamps-kyber-certificates(in RFC Ed Queue)draft-ietf-lamps-cms-kyber: Use of ML-KEM in CMS (RFC Ed Queue)