Skip to content

[release/10.0] SPKI and PKCS#8 for Composite ML-DSA (#119837) #119914

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Sep 22, 2025
Merged

[release/10.0] SPKI and PKCS#8 for Composite ML-DSA (#119837) #119914

merged 1 commit into from
Sep 22, 2025

Conversation

PranavSenthilnathan
Copy link
Member

Backport of #119837 to release/10.0

Adds SPKI and PKCS#8 support for managed Composite ML-DSA implementation.

Customer Impact

This adds an implementation to a method that previously threw PlatformNotSupportedException.

Regression

  • Yes
  • No

Testing

Tests added.

Risk

Low

@PranavSenthilnathan PranavSenthilnathan added this to the 10.0.0 milestone Sep 19, 2025
@PranavSenthilnathan PranavSenthilnathan self-assigned this Sep 19, 2025
@Copilot Copilot AI review requested due to automatic review settings September 19, 2025 22:05
Copilot
Copilot AI reviewed Sep 19, 2025
View reviewed changes
Copy link
Contributor

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR adds SPKI (Subject Public Key Info) and PKCS#8 support for the managed Composite ML-DSA implementation. It implements methods that previously threw PlatformNotSupportedException, enabling export and import of keys in these standard formats.

Key changes:

  • Implements PKCS#8 export functionality in the managed implementation
  • Adds comprehensive test helpers for SPKI and PKCS#8 operations
  • Adds extensive test coverage for new import/export methods with various formats

Reviewed Changes

Copilot reviewed 9 out of 9 changed files in this pull request and generated 1 comment.

Show a summary per file
File Description
src/libraries/Common/tests/System/Security/Cryptography/AsnUtils.cs Adds utility method to convert DER to non-minimal BER encoding for testing
src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/CompositeMLDsa/CompositeMLDsaTestHelpers.cs Adds comprehensive test helpers for SPKI, PKCS#8, and encrypted key operations
src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/CompositeMLDsa/CompositeMLDsaTestData.cs Adds SPKI extraction from test vectors and helper method
src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/CompositeMLDsa/CompositeMLDsaMockImplementation.cs Updates mock implementation with PKCS#8 export support and improved test assertions
src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/CompositeMLDsa/CompositeMLDsaImplementationTests.cs Adds roundtrip tests for PKCS#8, SPKI, and encrypted formats
src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/CompositeMLDsa/CompositeMLDsaFactoryTests.cs Adds validation tests for import methods and error handling
src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/CompositeMLDsa/CompositeMLDsaContractTests.cs Adds comprehensive contract tests for export methods and argument validation
src/libraries/Common/src/System/Security/Cryptography/CompositeMLDsaManaged.cs Implements PKCS#8 export functionality
src/libraries/Common/src/System/Security/Cryptography/CompositeMLDsa.cs Updates import logic and removes TODO comments

@dotnet-policy-service Dotnet Policy Service
Copy link
Contributor

Tagging subscribers to this area: @dotnet/area-system-security, @bartonjs, @vcsjones
See info in area-owners.md if you want to be subscribed.

@PranavSenthilnathan PranavSenthilnathan changed the title [release/10.0] SPKI and PKCS\#8 for Composite ML-DSA (#119837) [release/10.0] SPKI and PKCS#8 for Composite ML-DSA (#119837) Sep 19, 2025
@PranavSenthilnathan
Copy link
Member Author

Once #119919 gets merged, I'm planning on cherry-picking it into this PR.

@artl93 artl93 added the Servicing-approved Approved for servicing release label Sep 19, 2025
@PranavSenthilnathan
Copy link
Member Author

Once #119919 gets merged, I'm planning on cherry-picking it into this PR.

This PR already has green CI so let's just get this in and backport #119919 separately. #119919 only contains test fixes so it doesn't need to get in for RC2.

@artl93 artl93 merged commit 5c142a6 into dotnet:release/10.0 Sep 22, 2025
93 of 96 checks passed
@PranavSenthilnathan PranavSenthilnathan deleted the backport-cmldsa-pkcs8 branch September 23, 2025 00:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

Copilot code review Copilot Copilot left review comments

@artl93 artl93 artl93 approved these changes

@bartonjs bartonjs Awaiting requested review from bartonjs

Assignees

@PranavSenthilnathan PranavSenthilnathan

Labels
area-System.Security Servicing-approved Approved for servicing release
Projects
None yet
Milestone
10.0.0
Development

Successfully merging this pull request may close these issues.
2 participants
@PranavSenthilnathan @artl93