Add table of OIDs for use when implementing HashML-DSA and HashSLH-DSA #331

Merged: athoelke merged 2 commits into ARM-software:main from athoelke:crypto-oids-for-pqc on Jan 28, 2026

athoelke commented Jan 23, 2026

Fixes #323

athoelke self-assigned this Jan 23, 2026
athoelke added the clarification and Crypto API labels Jan 23, 2026
athoelke moved this to In Progress in PSA Certified API development Jan 23, 2026
athoelke added this to the PQC Extension FInal-1 milestone Jan 23, 2026
MarcusJGStreets left a comment

I have not checked that you have copied and pasted the OIDs correctly.
But the structure looks good.

athoelke commented Jan 27, 2026

The OID values are correct (match the source documents). The DER-encoded hex values are just the data string part of the encoding - but are missing the OBJECT IDENTIFIER tag and data string length prefix bytes.

For both ML-DSA and SLH-DSA I think these prefix bytes 0609 for NIST and 0608 for SM3 are required for interoperability - the FIPS specifications for the algorithms have 11-byte hex values with the prefix. I copied the hex from the RSASSA-PKCS#1v1.5 table - I need to check if the encoded OID is different for RSA (not wanting the tag+length prefix)...

athoelke commented

FIPS 204 and FIPS 205 state that the hash algorithm identifier string used in the Hash variants must have the OID tag and length included. I will amend this PR to add those bytes to the hex strings here.

For RSASSA-PKCS#1, the OID is enclosed in an AlgorithmIdentifier structure, that must also have an explicit NULL parameters field (after the OID); which is itself included in the DigestInfoValue structure that has the hash value string following the AlgorithmIdentifier. We could clarify that the hex values provided in the table for RSASSA-PKCS#1 are just the OID data values for each hash algorithm?

athoelke force-pushed the crypto-oids-for-pqc branch from d9c63d6 to 8c3f5ed January 28, 2026 15:59
athoelke merged commit 96b7022 into ARM-software:main Jan 28, 2026
athoelke deleted the crypto-oids-for-pqc branch January 28, 2026 15:59
github-project-automation Bot moved this from In Progress to Done in PSA Certified API development Jan 28, 2026
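
The difference discussed in this thread, as an added example that is not part of the PR or of the PSA Certified API specification: the same hash OID as bare value octets, as the tagged and length-prefixed form that FIPS 204 and FIPS 205 call for, and nested inside an RSASSA-PKCS#1 v1.5 DigestInfo. The function names and the two OID constants are assumptions supplied here; `hash_mldsa_message` follows the M' layout in FIPS 204.

```python
SHA256_OID = "2.16.840.1.101.3.4.2.1"   # NIST SHA-256 (supplied here, not from the page)
SM3_OID = "1.2.156.10197.1.401"         # SM3 (supplied here, not from the page)

def oid_content(dotted: str) -> bytes:
    """Encode only the OID value octets: no tag, no length."""
    arcs = [int(a) for a in dotted.split(".")]
    if len(arcs) < 2 or arcs[0] > 2 or (arcs[0] < 2 and arcs[1] > 39):
        raise ValueError("invalid OID: " + dotted)
    out = bytearray()
    # The first two arcs share one subidentifier: 40 * arc1 + arc2.
    for sub in [40 * arcs[0] + arcs[1]] + arcs[2:]:
        chunk = [sub & 0x7F]             # last octet has the high bit clear
        sub >>= 7
        while sub:
            chunk.append(0x80 | (sub & 0x7F))
            sub >>= 7
        out += bytes(reversed(chunk))
    return bytes(out)

def der_tlv(tag: int, content: bytes) -> bytes:
    """DER tag + short-form length + content (enough for these structures)."""
    if len(content) > 127:
        raise ValueError("long-form length not handled in this example")
    return bytes([tag, len(content)]) + content

def oid_tlv(dotted: str) -> bytes:
    """OBJECT IDENTIFIER with its 0x06 tag and length prefix."""
    return der_tlv(0x06, oid_content(dotted))

def hash_mldsa_message(ctx: bytes, dotted: str, prehash: bytes) -> bytes:
    """M' for HashML-DSA: 0x01 || len(ctx) || ctx || OID (full TLV) || PH(M)."""
    if len(ctx) > 255:
        raise ValueError("context string is limited to 255 bytes")
    return bytes([1, len(ctx)]) + ctx + oid_tlv(dotted) + prehash

def digestinfo(dotted: str, digest: bytes) -> bytes:
    """PKCS#1 v1.5 DigestInfo: SEQUENCE { SEQUENCE { OID, NULL }, OCTET STRING }."""
    alg_id = der_tlv(0x30, oid_tlv(dotted) + b"\x05\x00")  # explicit NULL parameters
    return der_tlv(0x30, alg_id + der_tlv(0x04, digest))

if __name__ == "__main__":
    digest = bytes(32)                   # constructed placeholder digest
    print("value only :", oid_content(SHA256_OID).hex())
    print("tag+length :", oid_tlv(SHA256_OID).hex())
    print("SM3 TLV    :", oid_tlv(SM3_OID).hex())
    print("DigestInfo :", digestinfo(SHA256_OID, digest).hex())
```
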

Development

Successfully merging this pull request may close these issues.

Missing hash algorithm for HashML-DSA