]> git.ipfire.org Git - thirdparty/openssl.git/commit
projects / thirdparty / openssl.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1036be4) | patch
Flexible encoders for ML-DSA
authorViktor Dukhovni <openssl-users@dukhovni.org>
Mon, 3 Feb 2025 01:39:29 +0000 (12:39 +1100)
committerTomas Mraz <tomas@openssl.org>
Fri, 14 Feb 2025 09:46:04 +0000 (10:46 +0100)
commit5421423ef95c6c2ee352422d13bd515bebe815d6
tree697f7ec88165cd071b0a074a9998a64ca412d595tree
parent1036be4384ba2af961fc4ce7289def47da2ec2b9commit | diff
Flexible encoders for ML-DSA

- Same UX as ML-KEM.  The main ASN.1 private key syntax is the one from
  Russ Housley's post on the LAMPS list, subsequently amended to tag the
  seed instead of the key (each of the three parameter sets will have a
  fixed size for the `expandedKey`):

    ML-DSA-PrivateKey ::= CHOICE {
      seed [0] IMPLICIT OCTET STRING SIZE (32),
      expandedKey OCTET STRING SIZE (2560 | 4032 | 4896)
      both SEQUENCE {
        seed OCTET STRING SIZE (32),
        expandedKey OCTET STRING SIZE (2560 | 4032 | 4896) } }

Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/26638)
61 files changed:
.gitattributes diff | blob | blame | history
apps/pkeyutl.c diff | blob | blame | history
crypto/err/openssl.txt diff | blob | blame | history
crypto/ml_dsa/ml_dsa_encoders.c diff | blob | blame | history
crypto/ml_dsa/ml_dsa_key.c diff | blob | blame | history
crypto/ml_dsa/ml_dsa_key.h diff | blob | blame | history
crypto/ml_dsa/ml_dsa_local.h diff | blob | blame | history
crypto/ml_dsa/ml_dsa_params.c diff | blob | blame | history
crypto/ml_dsa/ml_dsa_params.h [deleted file] blob | blame | history
crypto/ml_dsa/ml_dsa_sign.c diff | blob | blame | history
doc/man7/EVP_PKEY-ML-DSA.pod diff | blob | blame | history
include/crypto/ml_dsa.h diff | blob | blame | history
include/crypto/types.h diff | blob | blame | history
include/openssl/core_dispatch.h diff | blob | blame | history
include/openssl/proverr.h diff | blob | blame | history
providers/common/provider_err.c diff | blob | blame | history
providers/implementations/encode_decode/build.info diff | blob | blame | history
providers/implementations/encode_decode/decode_der2key.c diff | blob | blame | history
providers/implementations/encode_decode/encode_key2any.c diff | blob | blame | history
providers/implementations/encode_decode/encode_key2text.c diff | blob | blame | history
providers/implementations/encode_decode/ml_dsa_codecs.c [new file with mode: 0644] blob
providers/implementations/encode_decode/ml_dsa_codecs.h [new file with mode: 0644] blob
providers/implementations/keymgmt/ml_dsa_kmgmt.c diff | blob | blame | history
providers/implementations/signature/ml_dsa_sig.c diff | blob | blame | history
test/ml_dsa_test.c diff | blob | blame | history
test/recipes/15-test_ml_dsa_codecs.t [new file with mode: 0644] blob
test/recipes/15-test_ml_dsa_codecs_data/ml-dsa.cnf [new file with mode: 0644] blob
test/recipes/15-test_ml_dsa_codecs_data/prv-44-bare-priv.pem [new file with mode: 0644] blob
test/recipes/15-test_ml_dsa_codecs_data/prv-44-bare-seed.pem [new file with mode: 0644] blob
test/recipes/15-test_ml_dsa_codecs_data/prv-44-oqskeypair.pem [new file with mode: 0644] blob
test/recipes/15-test_ml_dsa_codecs_data/prv-44-priv-only.pem [new file with mode: 0644] blob
test/recipes/15-test_ml_dsa_codecs_data/prv-44-priv.txt [new file with mode: 0644] blob
test/recipes/15-test_ml_dsa_codecs_data/prv-44-seed-only.pem [new file with mode: 0644] blob
test/recipes/15-test_ml_dsa_codecs_data/prv-44-seed-priv.pem [new file with mode: 0644] blob
test/recipes/15-test_ml_dsa_codecs_data/prv-44-seed.txt [new file with mode: 0644] blob
test/recipes/15-test_ml_dsa_codecs_data/prv-65-bare-priv.pem [new file with mode: 0644] blob
test/recipes/15-test_ml_dsa_codecs_data/prv-65-bare-seed.pem [new file with mode: 0644] blob
test/recipes/15-test_ml_dsa_codecs_data/prv-65-oqskeypair.pem [new file with mode: 0644] blob
test/recipes/15-test_ml_dsa_codecs_data/prv-65-priv-only.pem [new file with mode: 0644] blob
test/recipes/15-test_ml_dsa_codecs_data/prv-65-priv.txt [new file with mode: 0644] blob
test/recipes/15-test_ml_dsa_codecs_data/prv-65-seed-only.pem [new file with mode: 0644] blob
test/recipes/15-test_ml_dsa_codecs_data/prv-65-seed-priv.pem [new file with mode: 0644] blob
test/recipes/15-test_ml_dsa_codecs_data/prv-65-seed.txt [new file with mode: 0644] blob
test/recipes/15-test_ml_dsa_codecs_data/prv-87-bare-priv.pem [new file with mode: 0644] blob
test/recipes/15-test_ml_dsa_codecs_data/prv-87-bare-seed.pem [new file with mode: 0644] blob
test/recipes/15-test_ml_dsa_codecs_data/prv-87-oqskeypair.pem [new file with mode: 0644] blob
test/recipes/15-test_ml_dsa_codecs_data/prv-87-priv-only.pem [new file with mode: 0644] blob
test/recipes/15-test_ml_dsa_codecs_data/prv-87-priv.txt [new file with mode: 0644] blob
test/recipes/15-test_ml_dsa_codecs_data/prv-87-seed-only.pem [new file with mode: 0644] blob
test/recipes/15-test_ml_dsa_codecs_data/prv-87-seed-priv.pem [new file with mode: 0644] blob
test/recipes/15-test_ml_dsa_codecs_data/prv-87-seed.txt [new file with mode: 0644] blob
test/recipes/15-test_ml_dsa_codecs_data/pub-44.pem [new file with mode: 0644] blob
test/recipes/15-test_ml_dsa_codecs_data/pub-44.txt [new file with mode: 0644] blob
test/recipes/15-test_ml_dsa_codecs_data/pub-65.pem [new file with mode: 0644] blob
test/recipes/15-test_ml_dsa_codecs_data/pub-65.txt [new file with mode: 0644] blob
test/recipes/15-test_ml_dsa_codecs_data/pub-87.pem [new file with mode: 0644] blob
test/recipes/15-test_ml_dsa_codecs_data/pub-87.txt [new file with mode: 0644] blob
test/recipes/15-test_ml_dsa_codecs_data/sig-44.dat [new file with mode: 0644] blob
test/recipes/15-test_ml_dsa_codecs_data/sig-65.dat [new file with mode: 0644] blob
test/recipes/15-test_ml_dsa_codecs_data/sig-87.dat [new file with mode: 0644] blob
util/perl/OpenSSL/paramnames.pm diff | blob | blame | history
Mirror of https://github.com/openssl/openssl.git