Skip to content

Add CompositeMLDsa CNG (NCrypt)#130053

Draft
PranavSenthilnathan wants to merge 4 commits into
dotnet:mainfrom
PranavSenthilnathan:cmldsa-ncrypt
Draft

Add CompositeMLDsa CNG (NCrypt)#130053
PranavSenthilnathan wants to merge 4 commits into
dotnet:mainfrom
PranavSenthilnathan:cmldsa-ncrypt

Conversation

@PranavSenthilnathan

@PranavSenthilnathan PranavSenthilnathan commented Jun 30, 2026

Copy link
Copy Markdown
Member

Wires up Composite ML-DSA CNG support.

The APIs in #130052 is pending approval so they're internal in this PR.

PKCS8 export does not work in Windows for Composite ML-DSA (yet), so encrypted export only keys can't currently be exported. Also, PKCS8 export is done by exporting the private key instead.

@dotnet-policy-service

Copy link
Copy Markdown
Contributor

Tagging subscribers to this area: @bartonjs, @vcsjones, @dotnet/area-system-security
See info in area-owners.md if you want to be subscribed.

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot encountered an error and was unable to review this pull request. You can try again by re-requesting a review.

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 19 out of 19 changed files in this pull request and generated 2 comments.

throw new PlatformNotSupportedException(SR.Format(SR.Cryptography_AlgorithmNotSupported, nameof(CompositeMLDsa)));
protected override int ExportCompositeMLDsaPrivateKeyCore(Span<byte> destination) =>
CngPkcs8.AllowsOnlyEncryptedExport(_key)
? throw new CryptographicException(SR.Cryptography_KeyNotExtractable)

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

How exactly is Windows failing? If they're giving an HR saying "no workey", then let's just go ahead and call them how we expect to, and maybe we don't have to come back and wire it up.

If they're A/V-ing or something, then, sure, throwing here is good.

Repeats to other places with the same check.

Copy link
Copy Markdown
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Windows returns an error code for unsupported algo and we wrap it in an exception with an appropriate message.

/// <value>
/// An object that specifies the Composite ML-DSA family of algorithms.
/// </value>
[Experimental(Experimentals.PostQuantumCryptographyDiagId, UrlFormat = Experimentals.SharedUrlFormat)]

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I assume the [Experimental] is because the feature is only in insiders right now?

Copy link
Copy Markdown
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The whole ietf-lamps-pq-composite-sigs is still a draft RFC.

Comment thread src/libraries/System.Security.Cryptography/ref/System.Security.Cryptography.cs Outdated
Copilot AI review requested due to automatic review settings July 7, 2026 08:08

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 20 out of 20 changed files in this pull request and generated 2 comments.

/// <inheritdoc/>
protected override int SignDataCore(ReadOnlySpan<byte> data, ReadOnlySpan<byte> context, Span<byte> destination) =>
throw new PlatformNotSupportedException(SR.Format(SR.Cryptography_AlgorithmNotSupported, nameof(CompositeMLDsa)));
protected override int SignDataCore(ReadOnlySpan<byte> data, ReadOnlySpan<byte> context, Span<byte> destination)
/// <inheritdoc/>
protected override int ExportCompositeMLDsaPrivateKeyCore(Span<byte> destination) =>
throw new PlatformNotSupportedException(SR.Format(SR.Cryptography_AlgorithmNotSupported, nameof(CompositeMLDsa)));
protected override bool VerifyDataCore(ReadOnlySpan<byte> data, ReadOnlySpan<byte> context, ReadOnlySpan<byte> signature)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants