From f32919f2e32b68788c730a082ec6906e50388b4f Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Tue, 4 Nov 2025 01:27:16 +0000 Subject: [PATCH 1/4] Initial plan From 984f8914d04ea898af4dbdfb84066b0c024912ac Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Tue, 4 Nov 2025 01:33:58 +0000 Subject: [PATCH 2/4] Add CompositeMLDsa draft-08 breaking change documentation Co-authored-by: gewarren <24882762+gewarren@users.noreply.github.com> --- docs/core/compatibility/10.0.md | 1 + .../10.0/composite-mldsa-draft-08.md | 45 +++++++++++++++++++ docs/core/compatibility/toc.yml | 2 + docs/core/whats-new/dotnet-10/libraries.md | 2 +- 4 files changed, 49 insertions(+), 1 deletion(-) create mode 100644 docs/core/compatibility/cryptography/10.0/composite-mldsa-draft-08.md diff --git a/docs/core/compatibility/10.0.md b/docs/core/compatibility/10.0.md index 2d92b51f5a69a..8bdc82b0a4152 100644 --- a/docs/core/compatibility/10.0.md +++ b/docs/core/compatibility/10.0.md @@ -61,6 +61,7 @@ If you're migrating an app to .NET 10, the breaking changes listed here might af | Title | Type of change | Introduced version | |-------|-------------------|--------------------| +| [CompositeMLDsa updated to draft-08](cryptography/10.0/composite-mldsa-draft-08.md) | Behavioral change | 10.0.0 | | [CoseSigner.Key can be null](cryptography/10.0/cosesigner-key-null.md) | Behavioral/source incompatible change | Preview 7 | | [MLDsa and SlhDsa 'SecretKey' members renamed](cryptography/10.0/mldsa-slhdsa-secretkey-to-privatekey.md) | Source incompatible | RC 1 | | [OpenSSL cryptographic primitives aren't supported on macOS](cryptography/10.0/openssl-macos-unsupported.md) | Behavioral change | Preview 6 | diff --git a/docs/core/compatibility/cryptography/10.0/composite-mldsa-draft-08.md b/docs/core/compatibility/cryptography/10.0/composite-mldsa-draft-08.md new file mode 100644 index 0000000000000..88d7f584a574c --- /dev/null +++ b/docs/core/compatibility/cryptography/10.0/composite-mldsa-draft-08.md @@ -0,0 +1,45 @@ +--- +title: "Breaking change - CompositeMLDsa updated to draft-08" +description: "Learn about the breaking change in .NET 10 where CompositeMLDsa was updated from draft-07 to draft-08 of the Composite ML-DSA for use in X.509 Public Key Infrastructure specification." +ms.date: 11/04/2025 +ai-usage: ai-assisted +ms.custom: https://github.com/dotnet/runtime/pull/120077 +--- + +# CompositeMLDsa updated to draft-08 + +`CompositeMLDsa` has moved from draft-07 to draft-08 of the [Composite ML-DSA for use in X.509 Public Key Infrastructure](https://datatracker.ietf.org/doc/draft-ietf-lamps-pq-composite-sigs/) specification. The draft-08 format is not compatible with the draft-07 signatures, and key export/import formats are also incompatible across the draft-07/draft-08 boundary. draft-08 and draft-09 are compatible. + +## Version introduced + +.NET 10.0.0 + +## Previous behavior + +Signatures were generated and validated according to draft-07 of Composite ML-DSA for use in X.509 Public Key Infrastructure. + +Public key and private key export and import used the format from draft-07 of Composite ML-DSA for use in X.509 Public Key Infrastructure. + +## New behavior + +Signatures are generated and validated according to draft-08 of Composite ML-DSA for use in X.509 Public Key Infrastructure. + +Public key and private key export and import use the format from draft-08 of Composite ML-DSA for use in X.509 Public Key Infrastructure. + +## Type of breaking change + +This is a [behavioral change](../../categories.md#behavioral-change). + +## Reason for change + +Staying current with the underlying specification. + +## Recommended action + +The class is marked as `[Experimental]`, in part, because the specification is not yet complete. Developers should not yet be depending on this class in production. + +Any previously generated keys and signatures should be discarded. + +## Affected APIs + +- diff --git a/docs/core/compatibility/toc.yml b/docs/core/compatibility/toc.yml index ec9c94695b2f9..219e27fef7b74 100644 --- a/docs/core/compatibility/toc.yml +++ b/docs/core/compatibility/toc.yml @@ -70,6 +70,8 @@ items: href: core-libraries/10.0/ymm-embedded-rounding.md - name: Cryptography items: + - name: CompositeMLDsa updated to draft-08 + href: cryptography/10.0/composite-mldsa-draft-08.md - name: CoseSigner.Key can be null href: cryptography/10.0/cosesigner-key-null.md - name: Environment variable renamed to DOTNET_OPENSSL_VERSION_OVERRIDE diff --git a/docs/core/whats-new/dotnet-10/libraries.md b/docs/core/whats-new/dotnet-10/libraries.md index 5c365d47c0719..8c21dd5c524a1 100644 --- a/docs/core/whats-new/dotnet-10/libraries.md +++ b/docs/core/whats-new/dotnet-10/libraries.md @@ -156,7 +156,7 @@ private static bool VerifyWithExternalMu(MLDsa verifyingKey, ReadOnlySpan #### Composite ML-DSA -.NET 10 introduces new types to support [ietf-lamps-pq-composite-sigs](https://datatracker.ietf.org/doc/draft-ietf-lamps-pq-composite-sigs/) (currently at draft 7), including the and types, with implementation of the primitive methods for RSA variants. +.NET 10 introduces new types to support [ietf-lamps-pq-composite-sigs](https://datatracker.ietf.org/doc/draft-ietf-lamps-pq-composite-sigs/) (currently at draft 8), including the and types, with implementation of the primitive methods for RSA variants. ```csharp var algorithm = CompositeMLDsaAlgorithm.MLDsa65WithRSA4096Pss; From 70a485ebb393066c2e596893b21a5f09eacfd3d3 Mon Sep 17 00:00:00 2001 From: Genevieve Warren <24882762+gewarren@users.noreply.github.com> Date: Mon, 3 Nov 2025 18:14:23 -0800 Subject: [PATCH 3/4] Apply suggestions from code review --- .../10.0/composite-mldsa-draft-08.md | 18 +++++++++--------- docs/core/whats-new/dotnet-10/libraries.md | 2 +- 2 files changed, 10 insertions(+), 10 deletions(-) diff --git a/docs/core/compatibility/cryptography/10.0/composite-mldsa-draft-08.md b/docs/core/compatibility/cryptography/10.0/composite-mldsa-draft-08.md index 88d7f584a574c..06c1ab1fd6fc5 100644 --- a/docs/core/compatibility/cryptography/10.0/composite-mldsa-draft-08.md +++ b/docs/core/compatibility/cryptography/10.0/composite-mldsa-draft-08.md @@ -3,42 +3,42 @@ title: "Breaking change - CompositeMLDsa updated to draft-08" description: "Learn about the breaking change in .NET 10 where CompositeMLDsa was updated from draft-07 to draft-08 of the Composite ML-DSA for use in X.509 Public Key Infrastructure specification." ms.date: 11/04/2025 ai-usage: ai-assisted -ms.custom: https://github.com/dotnet/runtime/pull/120077 +ms.custom: https://github.com/dotnet/docs/issue/48901 --- # CompositeMLDsa updated to draft-08 -`CompositeMLDsa` has moved from draft-07 to draft-08 of the [Composite ML-DSA for use in X.509 Public Key Infrastructure](https://datatracker.ietf.org/doc/draft-ietf-lamps-pq-composite-sigs/) specification. The draft-08 format is not compatible with the draft-07 signatures, and key export/import formats are also incompatible across the draft-07/draft-08 boundary. draft-08 and draft-09 are compatible. + has moved from draft-07 to draft-08 of the [Composite ML-DSA for use in X.509 Public Key Infrastructure](https://datatracker.ietf.org/doc/draft-ietf-lamps-pq-composite-sigs/) specification. The draft-08 format is not compatible with the draft-07 signatures, and key export/import formats are also incompatible across the draft-07/draft-08 boundary. draft-08 and draft-09 are compatible. ## Version introduced -.NET 10.0.0 +.NET 10 GA ## Previous behavior -Signatures were generated and validated according to draft-07 of Composite ML-DSA for use in X.509 Public Key Infrastructure. +In preview and RC releases of .NET 10, signatures were generated and validated according to draft-07 of Composite ML-DSA for use in X.509 Public Key Infrastructure. Public key and private key export and import used the format from draft-07 of Composite ML-DSA for use in X.509 Public Key Infrastructure. ## New behavior -Signatures are generated and validated according to draft-08 of Composite ML-DSA for use in X.509 Public Key Infrastructure. +Starting in .NET 10 GA release, signatures are generated and validated according to draft-08 of Composite ML-DSA for use in X.509 Public Key Infrastructure. Public key and private key export and import use the format from draft-08 of Composite ML-DSA for use in X.509 Public Key Infrastructure. ## Type of breaking change -This is a [behavioral change](../../categories.md#behavioral-change). +This change is a [behavioral change](../../categories.md#behavioral-change). ## Reason for change -Staying current with the underlying specification. +This change was made to stay current with the underlying specification. ## Recommended action -The class is marked as `[Experimental]`, in part, because the specification is not yet complete. Developers should not yet be depending on this class in production. +The class is marked as `[Experimental]`, partly because the specification is not yet complete. Do not depend on this class in production. -Any previously generated keys and signatures should be discarded. +Discard any previously generated keys and signatures. ## Affected APIs diff --git a/docs/core/whats-new/dotnet-10/libraries.md b/docs/core/whats-new/dotnet-10/libraries.md index 8c21dd5c524a1..a7959b652e3e3 100644 --- a/docs/core/whats-new/dotnet-10/libraries.md +++ b/docs/core/whats-new/dotnet-10/libraries.md @@ -156,7 +156,7 @@ private static bool VerifyWithExternalMu(MLDsa verifyingKey, ReadOnlySpan #### Composite ML-DSA -.NET 10 introduces new types to support [ietf-lamps-pq-composite-sigs](https://datatracker.ietf.org/doc/draft-ietf-lamps-pq-composite-sigs/) (currently at draft 8), including the and types, with implementation of the primitive methods for RSA variants. +.NET 10 introduces new types to support [ietf-lamps-pq-composite-sigs](https://datatracker.ietf.org/doc/draft-ietf-lamps-pq-composite-sigs/) (at draft 8 as of .NET 10 GA), including the and types, with implementation of the primitive methods for RSA variants. ```csharp var algorithm = CompositeMLDsaAlgorithm.MLDsa65WithRSA4096Pss; From a116217c42d04f38952d3a972e6d168d63661872 Mon Sep 17 00:00:00 2001 From: Genevieve Warren <24882762+gewarren@users.noreply.github.com> Date: Tue, 4 Nov 2025 10:52:27 -0800 Subject: [PATCH 4/4] Apply suggestions from code review Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- .../cryptography/10.0/composite-mldsa-draft-08.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/core/compatibility/cryptography/10.0/composite-mldsa-draft-08.md b/docs/core/compatibility/cryptography/10.0/composite-mldsa-draft-08.md index 06c1ab1fd6fc5..62775430188b2 100644 --- a/docs/core/compatibility/cryptography/10.0/composite-mldsa-draft-08.md +++ b/docs/core/compatibility/cryptography/10.0/composite-mldsa-draft-08.md @@ -22,7 +22,7 @@ Public key and private key export and import used the format from draft-07 of Co ## New behavior -Starting in .NET 10 GA release, signatures are generated and validated according to draft-08 of Composite ML-DSA for use in X.509 Public Key Infrastructure. +Starting in the .NET 10 GA release, signatures are generated and validated according to draft-08 of Composite ML-DSA for use in X.509 Public Key Infrastructure. Public key and private key export and import use the format from draft-08 of Composite ML-DSA for use in X.509 Public Key Infrastructure. @@ -36,7 +36,7 @@ This change was made to stay current with the underlying specification. ## Recommended action -The class is marked as `[Experimental]`, partly because the specification is not yet complete. Do not depend on this class in production. +The class is marked as `[Experimental]`, partly because the specification isn't yet complete. Do not depend on this class in production. Discard any previously generated keys and signatures.