Skip to content

Make CertificateRequest et al work with ML-DSA #114471

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Apr 10, 2025
Merged

Make CertificateRequest et al work with ML-DSA #114471

merged 2 commits into from
Apr 10, 2025

Conversation

@bartonjs
Copy link
Member

  • Add ctors to CertificateRequest
  • Enlighten CertificateRequest that future signing algorithms might not require a HashAlgorithmName
  • Add support to CertificateRequestListBuilder
  • Add cert.GetMLDsaPublicKey/GetMLDsaPrivateKey/CopyWithPrivateKey to power the above.

This is the ML-DSA specific parts from #114357.
Contributes to #113502.

@bartonjs
Make CertificateRequest et al work with ML-DSA
e9cb11d 
* Add ctors to CertificateRequest
* Enlighten CertificateRequest that future signing algorithms might not require a HashAlgorithmName
* Add support to CertificateRequestListBuilder
* Add cert.GetMLDsaPublicKey/GetMLDsaPrivateKey/CopyWithPrivateKey to power the above.
@bartonjs bartonjs added this to the 10.0.0 milestone Apr 10, 2025
@bartonjs bartonjs self-assigned this Apr 10, 2025
@Copilot Copilot AI review requested due to automatic review settings April 10, 2025 04:37
@ghost
Copy link

ghost commented Apr 10, 2025

Note regarding the new-api-needs-documentation label:

This serves as a reminder for when your PR is modifying a ref *.cs file and adding/modifying public APIs, please make sure the API implementation in the src *.cs file is documented with triple slash comments, so the PR reviewers can sign off that change.

1 similar comment
@ghost
Copy link

ghost commented Apr 10, 2025

Note regarding the new-api-needs-documentation label:

This serves as a reminder for when your PR is modifying a ref *.cs file and adding/modifying public APIs, please make sure the API implementation in the src *.cs file is documented with triple slash comments, so the PR reviewers can sign off that change.

Copilot
Copilot AI reviewed Apr 10, 2025
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot reviewed 30 out of 32 changed files in this pull request and generated no comments.

Files not reviewed (2)
  • src/libraries/System.Security.Cryptography/src/Resources/Strings.resx: Language not supported
  • src/libraries/System.Security.Cryptography/src/System.Security.Cryptography.csproj: Language not supported
Comments suppressed due to low confidence (2)

src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/MLDsa/MLDsaTestImplementation.cs:41

  • xUnit does not provide an Assert.Fail() method by default. Consider replacing Assert.Fail() with Assert.True(false, 'Failure message') or throwing an appropriate exception (e.g. new Xunit.Sdk.XunitException('Failure')) to indicate test failure.
ExportMLDsaPrivateSeedHook = _ => Assert.Fail(),

src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/X509Certificates/CertificateRequest.cs:24

  • [nitpick] Changing the type of _key from AsymmetricAlgorithm? to object? reduces type safety and clarity regarding supported key types. Consider renaming the field or adding a comment to clearly indicate that it can hold multiple key types (e.g. RSA, ECDsa, MLDsa).
private readonly object? _key;

@dotnet-policy-service
Copy link
Contributor

Tagging subscribers to this area: @dotnet/area-system-security, @bartonjs, @vcsjones
See info in area-owners.md if you want to be subscribed.

This was referenced Apr 10, 2025
Open
Open
Closed
Open
@vcsjones
Copy link
Member

@vcsjones-bot test e9cb11d with openssl-3.5

@bartonjs bartonjs mentioned this pull request Apr 10, 2025
Merged
@bartonjs bartonjs merged commit 743d179 into dotnet:main Apr 10, 2025
81 of 86 checks passed
@PranavSenthilnathan PranavSenthilnathan mentioned this pull request May 1, 2025
Merged
@github-actions github-actions bot locked and limited conversation to collaborators May 11, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

Copilot code review Copilot Copilot left review comments

@vcsjones vcsjones vcsjones approved these changes

Assignees

@bartonjs bartonjs

Labels

area-System.Security new-api-needs-documentation

Projects

None yet

Milestone

10.0.0

Development

Successfully merging this pull request may close these issues.

2 participants

@bartonjs @vcsjones