draft-kwiatkowski-tls-ecdhe-mlkem-03.
** API and ABI modifications:
-GNUTLS_PK_ML_DSA_44: New enum member of gnutls_pk_algorithm_t
-GNUTLS_PK_ML_DSA_65: New enum member of gnutls_pk_algorithm_t
-GNUTLS_PK_ML_DSA_87: New enum member of gnutls_pk_algorithm_t
-GNUTLS_SIGN_ML_DSA_44: New enum member of gnutls_sign_algorithm_t
-GNUTLS_SIGN_ML_DSA_65: New enum member of gnutls_sign_algorithm_t
-GNUTLS_SIGN_ML_DSA_87: New enum member of gnutls_sign_algorithm_t
+GNUTLS_PK_MLDSA44: New enum member of gnutls_pk_algorithm_t
+GNUTLS_PK_MLDSA65: New enum member of gnutls_pk_algorithm_t
+GNUTLS_PK_MLDSA87: New enum member of gnutls_pk_algorithm_t
+GNUTLS_SIGN_MLDSA44: New enum member of gnutls_sign_algorithm_t
+GNUTLS_SIGN_MLDSA65: New enum member of gnutls_sign_algorithm_t
+GNUTLS_SIGN_MLDSA87: New enum member of gnutls_sign_algorithm_t
* Version 3.8.8 (released 2024-11-05)
(((x) == GNUTLS_PK_MLKEM768) || ((x) == GNUTLS_PK_MLKEM1024) || \
((x) == GNUTLS_PK_EXP_KYBER768))
-#define IS_ML_DSA(x) \
- (((x) == GNUTLS_PK_ML_DSA_44) || ((x) == GNUTLS_PK_ML_DSA_65) || \
- ((x) == GNUTLS_PK_ML_DSA_87))
+#define IS_ML_DSA(x) \
+ (((x) == GNUTLS_PK_MLDSA44) || ((x) == GNUTLS_PK_MLDSA65) || \
+ ((x) == GNUTLS_PK_MLDSA87))
-#define ML_DSA_44_PUBKEY_SIZE 1312
-#define ML_DSA_65_PUBKEY_SIZE 1952
-#define ML_DSA_87_PUBKEY_SIZE 2592
+#define MLDSA44_PUBKEY_SIZE 1312
+#define MLDSA65_PUBKEY_SIZE 1952
+#define MLDSA87_PUBKEY_SIZE 2592
-#define ML_DSA_44_PRIVKEY_SIZE 2560
-#define ML_DSA_65_PRIVKEY_SIZE 4032
-#define ML_DSA_87_PRIVKEY_SIZE 4896
+#define MLDSA44_PRIVKEY_SIZE 2560
+#define MLDSA65_PRIVKEY_SIZE 4032
+#define MLDSA87_PRIVKEY_SIZE 4896
#define IS_GROUP_HYBRID(group) ((group)->ids[0] != GNUTLS_GROUP_INVALID)
.curve = GNUTLS_ECC_CURVE_INVALID },
#endif
{ .name = "ML-DSA-44",
- .oid = ML_DSA_44_OID,
- .id = GNUTLS_PK_ML_DSA_44,
+ .oid = MLDSA44_OID,
+ .id = GNUTLS_PK_MLDSA44,
.curve = GNUTLS_ECC_CURVE_INVALID,
.no_prehashed = 1 },
{ .name = "ML-DSA-65",
- .oid = ML_DSA_65_OID,
- .id = GNUTLS_PK_ML_DSA_65,
+ .oid = MLDSA65_OID,
+ .id = GNUTLS_PK_MLDSA65,
.curve = GNUTLS_ECC_CURVE_INVALID,
.no_prehashed = 1 },
{ .name = "ML-DSA-87",
- .oid = ML_DSA_87_OID,
- .id = GNUTLS_PK_ML_DSA_87,
+ .oid = MLDSA87_OID,
+ .id = GNUTLS_PK_MLDSA87,
.curve = GNUTLS_ECC_CURVE_INVALID,
.no_prehashed = 1 },
{ .name = "UNKNOWN",
{ "High", GNUTLS_SEC_PARAM_HIGH, 128, 3072, 3072, 256, 256, 0 },
#endif
{ "Ultra", GNUTLS_SEC_PARAM_ULTRA, 192, 8192, 8192, 384, 384,
- ML_DSA_65_PUBKEY_SIZE },
+ MLDSA65_PUBKEY_SIZE },
{ "Future", GNUTLS_SEC_PARAM_FUTURE, 256, 15360, 15360, 512, 512,
- ML_DSA_87_PUBKEY_SIZE },
+ MLDSA87_PUBKEY_SIZE },
{ NULL, 0, 0, 0, 0, 0, 0, 0 }
};
.hash = GNUTLS_DIG_SHA512,
.aid = TLS_SIGN_AID_UNKNOWN },
{ .name = "ML-DSA-44",
- .oid = ML_DSA_44_OID,
- .id = GNUTLS_SIGN_ML_DSA_44,
- .pk = GNUTLS_PK_ML_DSA_44,
+ .oid = MLDSA44_OID,
+ .id = GNUTLS_SIGN_MLDSA44,
+ .pk = GNUTLS_PK_MLDSA44,
.hash = GNUTLS_DIG_SHAKE_256,
.aid = TLS_SIGN_AID_UNKNOWN },
{ .name = "ML-DSA-65",
- .oid = ML_DSA_65_OID,
- .id = GNUTLS_SIGN_ML_DSA_65,
- .pk = GNUTLS_PK_ML_DSA_65,
+ .oid = MLDSA65_OID,
+ .id = GNUTLS_SIGN_MLDSA65,
+ .pk = GNUTLS_PK_MLDSA65,
.hash = GNUTLS_DIG_SHAKE_256,
.aid = TLS_SIGN_AID_UNKNOWN },
{ .name = "ML-DSA-87",
- .oid = ML_DSA_87_OID,
- .id = GNUTLS_SIGN_ML_DSA_87,
- .pk = GNUTLS_PK_ML_DSA_87,
+ .oid = MLDSA87_OID,
+ .id = GNUTLS_SIGN_MLDSA87,
+ .pk = GNUTLS_PK_MLDSA87,
.hash = GNUTLS_DIG_SHAKE_256,
.aid = TLS_SIGN_AID_UNKNOWN },
{ .name = 0,
* @GNUTLS_PK_EDDSA_ED448: Edwards curve Digital signature algorithm. Used with SHAKE256 on signatures.
* @GNUTLS_PK_MLKEM768: ML-KEM-768 key encapsulation algorithm as per FIPS 203.
* @GNUTLS_PK_MLKEM1024: ML-KEM-1024 key encapsulation algorithm as per FIPS 203.
- * @GNUTLS_PK_ML_DSA_44: ML-DSA-44 digital signature algorithm as per FIPS 204.
- * @GNUTLS_PK_ML_DSA_65: ML-DSA-65 digital signature algorithm as per FIPS 204.
- * @GNUTLS_PK_ML_DSA_87: ML-DSA-87 digital signature algorithm as per FIPS 204.
+ * @GNUTLS_PK_MLDSA44: ML-DSA-44 digital signature algorithm as per FIPS 204.
+ * @GNUTLS_PK_MLDSA65: ML-DSA-65 digital signature algorithm as per FIPS 204.
+ * @GNUTLS_PK_MLDSA87: ML-DSA-87 digital signature algorithm as per FIPS 204.
*
* Enumeration of different public-key algorithms.
*/
GNUTLS_PK_EDDSA_ED448 = 12,
GNUTLS_PK_RSA_OAEP = 13,
GNUTLS_PK_MLKEM768 = 14,
- GNUTLS_PK_ML_DSA_44 = 15,
- GNUTLS_PK_ML_DSA_65 = 16,
- GNUTLS_PK_ML_DSA_87 = 17,
+ GNUTLS_PK_MLDSA44 = 15,
+ GNUTLS_PK_MLDSA65 = 16,
+ GNUTLS_PK_MLDSA87 = 17,
GNUTLS_PK_MLKEM1024 = 18,
GNUTLS_PK_MAX = GNUTLS_PK_MLKEM1024,
* @GNUTLS_SIGN_GOST_256: Digital signature algorithm GOST R 34.10-2012 with GOST R 34.11-2012 256 bit
* @GNUTLS_SIGN_GOST_512: Digital signature algorithm GOST R 34.10-2012 with GOST R 34.11-2012 512 bit
* @GNUTLS_SIGN_EDDSA_ED448: Digital signature algorithm EdDSA with Ed448 curve.
- * @GNUTLS_SIGN_ML_DSA_44: Digital signature algorithm ML-DSA-44.
- * @GNUTLS_SIGN_ML_DSA_65: Digital signature algorithm ML-DSA-65.
- * @GNUTLS_SIGN_ML_DSA_87: Digital signature algorithm ML-DSA-87.
+ * @GNUTLS_SIGN_MLDSA44: Digital signature algorithm ML-DSA-44.
+ * @GNUTLS_SIGN_MLDSA65: Digital signature algorithm ML-DSA-65.
+ * @GNUTLS_SIGN_MLDSA87: Digital signature algorithm ML-DSA-87.
*
* Enumeration of different digital signature algorithms.
*/
GNUTLS_SIGN_GOST_512 = 45,
GNUTLS_SIGN_EDDSA_ED448 = 46,
- GNUTLS_SIGN_ML_DSA_44 = 47,
- GNUTLS_SIGN_ML_DSA_65 = 48,
- GNUTLS_SIGN_ML_DSA_87 = 49,
- GNUTLS_SIGN_MAX = GNUTLS_SIGN_ML_DSA_87
+ GNUTLS_SIGN_MLDSA44 = 47,
+ GNUTLS_SIGN_MLDSA65 = 48,
+ GNUTLS_SIGN_MLDSA87 = 49,
+ GNUTLS_SIGN_MAX = GNUTLS_SIGN_MLDSA87
} gnutls_sign_algorithm_t;
/**
return OQS_KEM_alg_kyber_768;
case GNUTLS_PK_MLKEM1024:
return OQS_KEM_alg_ml_kem_1024;
- case GNUTLS_PK_ML_DSA_44:
+ case GNUTLS_PK_MLDSA44:
return OQS_SIG_alg_ml_dsa_44;
- case GNUTLS_PK_ML_DSA_65:
+ case GNUTLS_PK_MLDSA65:
return OQS_SIG_alg_ml_dsa_65;
- case GNUTLS_PK_ML_DSA_87:
+ case GNUTLS_PK_MLDSA87:
return OQS_SIG_alg_ml_dsa_87;
default:
gnutls_assert();
break;
}
#ifdef HAVE_LIBOQS
- case GNUTLS_PK_ML_DSA_44:
- case GNUTLS_PK_ML_DSA_65:
- case GNUTLS_PK_ML_DSA_87: {
+ case GNUTLS_PK_MLDSA44:
+ case GNUTLS_PK_MLDSA65:
+ case GNUTLS_PK_MLDSA87: {
OQS_SIG *sig;
OQS_STATUS rc;
size_t size;
break;
}
#ifdef HAVE_LIBOQS
- case GNUTLS_PK_ML_DSA_44:
- case GNUTLS_PK_ML_DSA_65:
- case GNUTLS_PK_ML_DSA_87: {
+ case GNUTLS_PK_MLDSA44:
+ case GNUTLS_PK_MLDSA65:
+ case GNUTLS_PK_MLDSA87: {
OQS_SIG *sig;
OQS_STATUS rc;
return algo_name != NULL &&
GNUTLS_OQS_FUNC(OQS_KEM_alg_is_enabled)(algo_name);
}
- case GNUTLS_PK_ML_DSA_44:
- case GNUTLS_PK_ML_DSA_65:
- case GNUTLS_PK_ML_DSA_87: {
+ case GNUTLS_PK_MLDSA44:
+ case GNUTLS_PK_MLDSA65:
+ case GNUTLS_PK_MLDSA87: {
const char *algo_name;
if (_gnutls_liboqs_ensure() < 0)
case GNUTLS_PK_GOST_12_512:
#endif
case GNUTLS_PK_MLKEM768:
- case GNUTLS_PK_ML_DSA_44:
- case GNUTLS_PK_ML_DSA_65:
- case GNUTLS_PK_ML_DSA_87:
+ case GNUTLS_PK_MLDSA44:
+ case GNUTLS_PK_MLDSA65:
+ case GNUTLS_PK_MLDSA87:
break;
default:
gnutls_assert();
case GNUTLS_PK_GOST_01:
case GNUTLS_PK_GOST_12_256:
case GNUTLS_PK_GOST_12_512:
- case GNUTLS_PK_ML_DSA_44:
- case GNUTLS_PK_ML_DSA_65:
- case GNUTLS_PK_ML_DSA_87:
+ case GNUTLS_PK_MLDSA44:
+ case GNUTLS_PK_MLDSA65:
+ case GNUTLS_PK_MLDSA87:
ret = _gnutls_pk_sign(algo, &sig, &ddata, params, &spki);
if (ret < 0) {
ret = gnutls_assert_val(GNUTLS_E_PK_GENERATION_ERROR);
ret = 0;
break;
}
- case GNUTLS_PK_ML_DSA_44:
- case GNUTLS_PK_ML_DSA_65:
- case GNUTLS_PK_ML_DSA_87:
+ case GNUTLS_PK_MLDSA44:
+ case GNUTLS_PK_MLDSA65:
+ case GNUTLS_PK_MLDSA87:
if (params->pkflags & GNUTLS_PK_FLAG_PROVABLE)
return gnutls_assert_val(GNUTLS_E_INVALID_REQUEST);
ret = 0;
break;
}
- case GNUTLS_PK_ML_DSA_44:
- case GNUTLS_PK_ML_DSA_65:
- case GNUTLS_PK_ML_DSA_87: {
+ case GNUTLS_PK_MLDSA44:
+ case GNUTLS_PK_MLDSA65:
+ case GNUTLS_PK_MLDSA87: {
const char *algo_name;
if (_gnutls_liboqs_ensure() < 0)
case GNUTLS_PK_EDDSA_ED448:
case GNUTLS_PK_ECDH_X25519:
case GNUTLS_PK_ECDH_X448:
- case GNUTLS_PK_ML_DSA_44:
- case GNUTLS_PK_ML_DSA_65:
- case GNUTLS_PK_ML_DSA_87:
+ case GNUTLS_PK_MLDSA44:
+ case GNUTLS_PK_MLDSA65:
+ case GNUTLS_PK_MLDSA87:
ret = _gnutls_set_datum(&pub->raw_pub, priv->raw_pub.data,
priv->raw_pub.size);
if (ret < 0)
case GNUTLS_PK_GOST_12_256:
case GNUTLS_PK_GOST_12_512:
return gnutls_ecc_curve_get_size(params->curve) * 8;
- case GNUTLS_PK_ML_DSA_44:
- return ML_DSA_44_PUBKEY_SIZE;
- case GNUTLS_PK_ML_DSA_65:
- return ML_DSA_65_PUBKEY_SIZE;
- case GNUTLS_PK_ML_DSA_87:
- return ML_DSA_87_PUBKEY_SIZE;
+ case GNUTLS_PK_MLDSA44:
+ return MLDSA44_PUBKEY_SIZE;
+ case GNUTLS_PK_MLDSA65:
+ return MLDSA65_PUBKEY_SIZE;
+ case GNUTLS_PK_MLDSA87:
+ return MLDSA87_PUBKEY_SIZE;
default:
return 0;
}
pubkey_to_bits(&key->params));
ret = 0;
break;
- case GNUTLS_PK_ML_DSA_44:
- case GNUTLS_PK_ML_DSA_65:
- case GNUTLS_PK_ML_DSA_87:
+ case GNUTLS_PK_MLDSA44:
+ case GNUTLS_PK_MLDSA65:
+ case GNUTLS_PK_MLDSA87:
if (hash)
*hash = GNUTLS_DIG_SHAKE_256;
ret = 0;
case GNUTLS_PK_EDDSA_ED25519:
case GNUTLS_PK_EDDSA_ED448:
- case GNUTLS_PK_ML_DSA_44:
- case GNUTLS_PK_ML_DSA_65:
- case GNUTLS_PK_ML_DSA_87:
+ case GNUTLS_PK_MLDSA44:
+ case GNUTLS_PK_MLDSA65:
+ case GNUTLS_PK_MLDSA87:
if (_gnutls_pk_verify(se->pk, data, signature, params,
sign_params) != 0) {
gnutls_assert();
#define GOST28147_89_CPC_OID "1.2.643.2.2.31.3"
#define GOST28147_89_CPD_OID "1.2.643.2.2.31.4"
-#define ML_DSA_44_OID "2.16.840.1.101.3.4.3.17"
-#define ML_DSA_65_OID "2.16.840.1.101.3.4.3.18"
-#define ML_DSA_87_OID "2.16.840.1.101.3.4.3.19"
+#define MLDSA44_OID "2.16.840.1.101.3.4.3.17"
+#define MLDSA65_OID "2.16.840.1.101.3.4.3.18"
+#define MLDSA87_OID "2.16.840.1.101.3.4.3.19"
#define ASN1_NULL "\x05\x00"
#define ASN1_NULL_SIZE 2
}
break;
#ifdef HAVE_LIBOQS
- case GNUTLS_PK_ML_DSA_44:
- case GNUTLS_PK_ML_DSA_65:
- case GNUTLS_PK_ML_DSA_87:
+ case GNUTLS_PK_MLDSA44:
+ case GNUTLS_PK_MLDSA65:
+ case GNUTLS_PK_MLDSA87:
ret = _gnutls_set_datum(¶ms->raw_pub, der, dersize);
break;
#endif
case GNUTLS_PK_GOST_12_256:
case GNUTLS_PK_GOST_12_512:
#ifdef HAVE_LIBOQS
- case GNUTLS_PK_ML_DSA_44:
- case GNUTLS_PK_ML_DSA_65:
- case GNUTLS_PK_ML_DSA_87:
+ case GNUTLS_PK_MLDSA44:
+ case GNUTLS_PK_MLDSA65:
+ case GNUTLS_PK_MLDSA87:
#endif
return 0;
default:
case GNUTLS_PK_EDDSA_ED448:
case GNUTLS_PK_ECDH_X25519:
case GNUTLS_PK_ECDH_X448:
- case GNUTLS_PK_ML_DSA_44:
- case GNUTLS_PK_ML_DSA_65:
- case GNUTLS_PK_ML_DSA_87:
+ case GNUTLS_PK_MLDSA44:
+ case GNUTLS_PK_MLDSA65:
+ case GNUTLS_PK_MLDSA87:
der->data = NULL;
der->size = 0;
case GNUTLS_PK_GOST_12_256:
case GNUTLS_PK_GOST_12_512:
return _gnutls_x509_write_gost_pubkey(params, der);
- case GNUTLS_PK_ML_DSA_44:
- case GNUTLS_PK_ML_DSA_65:
- case GNUTLS_PK_ML_DSA_87:
+ case GNUTLS_PK_MLDSA44:
+ case GNUTLS_PK_MLDSA65:
+ case GNUTLS_PK_MLDSA87:
return _gnutls_x509_write_ml_dsa_pubkey(params, der);
default:
return gnutls_assert_val(GNUTLS_E_UNIMPLEMENTED_FEATURE);
case GNUTLS_PK_DH:
/* DH keys are only exportable in PKCS#8 format */
return GNUTLS_E_INVALID_REQUEST;
- case GNUTLS_PK_ML_DSA_44:
- case GNUTLS_PK_ML_DSA_65:
- case GNUTLS_PK_ML_DSA_87:
+ case GNUTLS_PK_MLDSA44:
+ case GNUTLS_PK_MLDSA65:
+ case GNUTLS_PK_MLDSA87:
return _gnutls_asn1_encode_ml_dsa(c2, params);
default:
return GNUTLS_E_UNIMPLEMENTED_FEATURE;
pk_algorithm != GNUTLS_PK_ECDH_X25519 &&
pk_algorithm != GNUTLS_PK_EDDSA_ED448 &&
pk_algorithm != GNUTLS_PK_ECDH_X448 &&
- pk_algorithm != GNUTLS_PK_ML_DSA_44 &&
- pk_algorithm != GNUTLS_PK_ML_DSA_65 &&
- pk_algorithm != GNUTLS_PK_ML_DSA_87) {
+ pk_algorithm != GNUTLS_PK_MLDSA44 &&
+ pk_algorithm != GNUTLS_PK_MLDSA65 &&
+ pk_algorithm != GNUTLS_PK_MLDSA87) {
/* RSA, EdDSA and ML-DSA algorithms do not use parameters */
result = _gnutls_x509_read_value(asn, name, &tmp);
if (pk_algorithm == GNUTLS_PK_RSA_PSS &&
pkey->params.algo = gnutls_oid_to_pk(oid);
switch (pkey->params.algo) {
- case GNUTLS_PK_ML_DSA_44:
- raw_priv_size = ML_DSA_44_PRIVKEY_SIZE;
- raw_pub_size = ML_DSA_44_PUBKEY_SIZE;
+ case GNUTLS_PK_MLDSA44:
+ raw_priv_size = MLDSA44_PRIVKEY_SIZE;
+ raw_pub_size = MLDSA44_PUBKEY_SIZE;
break;
- case GNUTLS_PK_ML_DSA_65:
- raw_priv_size = ML_DSA_65_PRIVKEY_SIZE;
- raw_pub_size = ML_DSA_65_PUBKEY_SIZE;
+ case GNUTLS_PK_MLDSA65:
+ raw_priv_size = MLDSA65_PRIVKEY_SIZE;
+ raw_pub_size = MLDSA65_PUBKEY_SIZE;
break;
- case GNUTLS_PK_ML_DSA_87:
- raw_priv_size = ML_DSA_87_PRIVKEY_SIZE;
- raw_pub_size = ML_DSA_87_PUBKEY_SIZE;
+ case GNUTLS_PK_MLDSA87:
+ raw_priv_size = MLDSA87_PRIVKEY_SIZE;
+ raw_pub_size = MLDSA87_PUBKEY_SIZE;
break;
default:
return gnutls_assert_val(
&_data);
if (result >= 0) {
key->params.algo =
- GNUTLS_PK_ML_DSA_44;
+ GNUTLS_PK_MLDSA44;
}
#endif
}
case GNUTLS_PK_EC:
return PEM_KEY_ECC;
#ifdef HAVE_LIBOQS
- case GNUTLS_PK_ML_DSA_44:
- case GNUTLS_PK_ML_DSA_65:
- case GNUTLS_PK_ML_DSA_87:
+ case GNUTLS_PK_MLDSA44:
+ case GNUTLS_PK_MLDSA65:
+ case GNUTLS_PK_MLDSA87:
return PEM_KEY_ML_DSA;
#endif
default:
gnutls_assert();
return ret;
#ifdef HAVE_LIBOQS
- case GNUTLS_PK_ML_DSA_44:
- case GNUTLS_PK_ML_DSA_65:
- case GNUTLS_PK_ML_DSA_87:
+ case GNUTLS_PK_MLDSA44:
+ case GNUTLS_PK_MLDSA65:
+ case GNUTLS_PK_MLDSA87:
ret = _gnutls_x509_encode_string(
ASN1_ETYPE_OCTET_STRING, pkey->params.raw_priv.data,
pkey->params.raw_priv.size + pkey->params.raw_pub.size,
};
static const struct pq_key_length_st pq_key_lengths[] = {
- { GNUTLS_PK_ML_DSA_44, OQS_SIG_ml_dsa_44_length_secret_key,
+ { GNUTLS_PK_MLDSA44, OQS_SIG_ml_dsa_44_length_secret_key,
OQS_SIG_ml_dsa_44_length_public_key },
- { GNUTLS_PK_ML_DSA_65, OQS_SIG_ml_dsa_65_length_secret_key,
+ { GNUTLS_PK_MLDSA65, OQS_SIG_ml_dsa_65_length_secret_key,
OQS_SIG_ml_dsa_65_length_public_key },
- { GNUTLS_PK_ML_DSA_87, OQS_SIG_ml_dsa_87_length_secret_key,
+ { GNUTLS_PK_MLDSA87, OQS_SIG_ml_dsa_87_length_secret_key,
OQS_SIG_ml_dsa_87_length_public_key },
{ GNUTLS_PK_UNKNOWN, 0, 0 }
pkey->params.algo);
break;
#ifdef HAVE_LIBOQS
- case GNUTLS_PK_ML_DSA_44:
- case GNUTLS_PK_ML_DSA_65:
- case GNUTLS_PK_ML_DSA_87:
+ case GNUTLS_PK_MLDSA44:
+ case GNUTLS_PK_MLDSA65:
+ case GNUTLS_PK_MLDSA87:
result = _decode_pkcs8_pqc_alg_key(pkcs8_asn, pkey, oid);
break;
#endif
else if (strcasecmp(key_type, "gost12-512") == 0)
return GNUTLS_PK_GOST_12_512;
else if (strcasecmp(key_type, "mldsa44") == 0)
- return GNUTLS_PK_ML_DSA_44;
+ return GNUTLS_PK_MLDSA44;
else if (strcasecmp(key_type, "mldsa65") == 0)
- return GNUTLS_PK_ML_DSA_65;
+ return GNUTLS_PK_MLDSA65;
else if (strcasecmp(key_type, "mldsa87") == 0)
- return GNUTLS_PK_ML_DSA_87;
+ return GNUTLS_PK_MLDSA87;
else {
fprintf(stderr, "unknown key type: %s\n", key_type);
return GNUTLS_PK_UNKNOWN;
key_type == GNUTLS_PK_ECDH_X448 || key_type == GNUTLS_PK_GOST_01 ||
key_type == GNUTLS_PK_GOST_12_256 ||
key_type == GNUTLS_PK_GOST_12_512 ||
- key_type == GNUTLS_PK_ML_DSA_44 ||
- key_type == GNUTLS_PK_ML_DSA_65 ||
- key_type == GNUTLS_PK_ML_DSA_87) {
+ key_type == GNUTLS_PK_MLDSA44 || key_type == GNUTLS_PK_MLDSA65 ||
+ key_type == GNUTLS_PK_MLDSA87) {
if (cinfo->verbose)
fprintf(stderr,
"Assuming --pkcs8 is given; %s private keys can only be exported in PKCS#8 format\n",
projects / thirdparty / gnutls.git / commitdiff
