From: Andreas Steffen Date: Mon, 9 Dec 2024 15:11:59 +0000 (+0100) Subject: pki: Add ML-DSA support X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1b3740ea2774cf4a5cf7477df28454f5e07fe392;p=thirdparty%2Fstrongswan.git pki: Add ML-DSA support --- diff --git a/src/pki/commands/gen.c b/src/pki/commands/gen.c index bedde19014..87e674a98c 100644 --- a/src/pki/commands/gen.c +++ b/src/pki/commands/gen.c @@ -53,6 +53,18 @@ static int gen() { type = KEY_ED448; } + else if (streq(arg, "mldsa44")) + { + type = KEY_ML_DSA_44; + } + else if (streq(arg, "mldsa65")) + { + type = KEY_ML_DSA_65; + } + else if (streq(arg, "mldsa87")) + { + type = KEY_ML_DSA_87; + } else { return command_usage("invalid key type"); @@ -95,7 +107,7 @@ static int gen() } break; } - /* default key sizes */ + /* default values for key types with variable key size */ if (!size) { switch (type) @@ -106,12 +118,6 @@ static int gen() case KEY_ECDSA: size = 384; break; - case KEY_ED25519: - size = 256; - break; - case KEY_ED448: - size = 456; - break; default: break; } @@ -167,7 +173,7 @@ static void __attribute__ ((constructor))reg() { command_register((command_t) { gen, 'g', "gen", "generate a new private key", - {"[--type rsa|ecdsa|ed25519|ed448] [--size bits] [--safe-primes]", + {"[--type rsa|ecdsa|ed25519|ed448|mldsa44|mldsa65|mldsa87] [--size bits] [--safe-primes]", "[--shares n] [--threshold l] [--outform der|pem]"}, { {"help", 'h', 0, "show usage information"}, diff --git a/src/pki/man/pki---gen.1.in b/src/pki/man/pki---gen.1.in index 708f58a52c..1ea4cede8c 100644 --- a/src/pki/man/pki---gen.1.in +++ b/src/pki/man/pki---gen.1.in @@ -46,7 +46,8 @@ Read command line options from \fIfile\fR. .TP .BI "\-t, \-\-type " type Type of key to generate. Either \fIrsa\fR, \fIecdsa\fR, \fIed25519\fR, -or \fIed448\fR, defaults to \fIrsa\fR. +\fIed448\fR, \fImldsa44\fR, \fImldsa65\fR or \fImldsa87\fR, defaults to +\fIrsa\fR. .TP .BI "\-s, \-\-size " bits Key length in bits. Defaults to 2048 for \fIrsa\fR and 384 for \fIecdsa\fR.