Skip to content

Seed in the skeleton of ML-DSA based on current prototyping #112891

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 10 commits into from
Mar 6, 2025
Merged

Seed in the skeleton of ML-DSA based on current prototyping #112891

merged 10 commits into from
Mar 6, 2025

Conversation

bartonjs
Copy link
Member

This seeds a lot of untested boilerplate code as non-public types in System.Security.Cryptography.

When we start work on ML-DSA, we can take this, make MLDsa and MLDsaAlgorithm public, start to write tests, and wire up an implementation. We can also take this and clone+customize it for the other PQC algorithms.

It does not define all span-vs-array overloads for all spanified members, just one candidate per method group.

As the PQC experiment needs to make it further before we can commit to the shape, it is both starting without API Review, and pre-emptively applying the Experimental attribute.

@bartonjs bartonjs added this to the 10.0.0 milestone Feb 25, 2025
@bartonjs bartonjs self-assigned this Feb 25, 2025
@Copilot Copilot AI review requested due to automatic review settings February 25, 2025 01:52
@dotnet-policy-service Dotnet Policy Service
Copy link
Contributor

Tagging subscribers to this area: @dotnet/area-system-security, @bartonjs, @vcsjones
See info in area-owners.md if you want to be subscribed.

Copilot
Copilot AI reviewed Feb 25, 2025
View reviewed changes
Copy link
Contributor

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot reviewed 6 out of 11 changed files in this pull request and generated no comments.

Files not reviewed (5)
  • src/libraries/System.Security.Cryptography/src/Resources/Strings.resx: Language not supported
  • src/libraries/System.Security.Cryptography/src/System.Security.Cryptography.csproj: Language not supported
  • src/libraries/Common/src/System/Security/Cryptography/Oids.cs: Evaluated as low risk
  • src/libraries/Common/src/System/Experimentals.cs: Evaluated as low risk
  • src/libraries/Common/src/System/Security/Cryptography/KeyFormatHelper.Encrypted.cs: Evaluated as low risk

This was referenced Feb 25, 2025
Open
Closed
This was referenced Feb 25, 2025
Open
Open
Open
Open
vcsjones
vcsjones reviewed Feb 25, 2025
View reviewed changes
@bartonjs bartonjs requested a review from jeffhandley as a code owner March 5, 2025 01:41
stephentoub
stephentoub reviewed Mar 5, 2025
View reviewed changes
src/libraries/Common/src/System/Security/Cryptography/IImportExportShape.cs

namespace System.Security.Cryptography
{
#if DESIGNTIMEINTERFACES
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What's the purpose of this ifdef? This file appears to only be consumed into the S.S.Cryptography.csproj, which sets this.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It’ll also be consumed in Microsoft.Bcl.Cryptography as the project gets further along

stephentoub
stephentoub reviewed Mar 5, 2025
View reviewed changes
src/libraries/Common/src/System/Security/Cryptography/MLDsa.cs
private static void ThrowAlgorithmUnknown(AsnWriter encodedId)
{
#if NET9_0_OR_GREATER
throw encodedId.Encode(static encoded =>
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What's the benefit of this .NET 9 path as compared to the other one?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

At runtime, it prevents the creation of a 24-ish byte array that just gets passed in to ToHexString. (Since it's on an exception path that's not high value...)

At compile time, it makes us feel good about having created the callback-based overload.

@bartonjs
Seal MLDsaAlgorithm
43e1213 
Both because it's currently an internal type (and failing the build),
but also because it should be sealed as public API.
vcsjones
vcsjones approved these changes Mar 6, 2025
View reviewed changes
Copy link
Member

@vcsjones vcsjones left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me, API-shape wise.

@bartonjs
Copy link
Member Author

bartonjs commented Mar 6, 2025
edited
Loading

/ba-g Uncalled code, and the test failures are only from "'findstr' is not recognized as an internal or external command,"

@bartonjs bartonjs merged commit d09a42b into dotnet:main Mar 6, 2025
82 of 85 checks passed
@bartonjs bartonjs deleted the seed_pqc_types branch March 6, 2025 18:42
@bartonjs bartonjs mentioned this pull request Mar 13, 2025
Open
@github-actions github-actions bot locked and limited conversation to collaborators Apr 6, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@stephentoub stephentoub stephentoub left review comments

Copilot code review Copilot Copilot left review comments

@vcsjones vcsjones vcsjones approved these changes

@krwq krwq Awaiting requested review from krwq

@GrabYourPitchforks GrabYourPitchforks Awaiting requested review from GrabYourPitchforks

@jeffhandley jeffhandley Awaiting requested review from jeffhandley jeffhandley is a code owner

Assignees

@bartonjs bartonjs

Labels
area-System.Security
Projects
None yet
Milestone
10.0.0
Development

Successfully merging this pull request may close these issues.
3 participants
@bartonjs @vcsjones @stephentoub