ML-DSA: Add BCrypt support in Microsoft.Bcl.Cryptography #116616
Conversation
There was a problem hiding this comment.
Pull Request Overview
This PR introduces BCrypt support for ML-DSA by adding a new CNG implementation file and updating project files and interop helpers. Key changes include:
- Adding MLDsaImplementation.CreateCng.cs to provide an ephemeral CNG key creation implementation.
- Updating csproj files to include new interop files and the new CNG implementation.
- Refactoring memory marshalling usage in PqcBlobHelpers and removing duplicate implementations in MLDsaImplementation.Windows.cs.
Reviewed Changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated no comments.
Show a summary per file
| File | Description |
|---|---|
| src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/MLDsaImplementation.CreateCng.cs | Introduces a new method to create ephemeral CNG keys using BCrypt. |
| src/libraries/System.Security.Cryptography/src/System.Security.Cryptography.csproj | Adds the new CNG implementation file to the compilation. |
| src/libraries/Microsoft.Bcl.Cryptography/src/Microsoft.Bcl.Cryptography.csproj | Includes new interop files necessary for BCrypt support. |
| src/libraries/Common/src/System/Security/Cryptography/PqcBlobHelpers.cs | Updates memory marshalling usage to use MemoryMarshal.Cast for proper blob header extraction. |
| src/libraries/Common/src/System/Security/Cryptography/MLDsaImplementation.Windows.cs | Refactors duplicate key creation code and improves debug assertions and logging. |
Comments suppressed due to low confidence (1)
src/libraries/Common/src/System/Security/Cryptography/MLDsaImplementation.Windows.cs:165
- Converting parameterSet to an array in the debug message reduces readability; consider logging parameterSet directly to improve clarity.
Debug.Fail(..., $"{nameof(parameterSet)}: {parameterSet.ToArray()}, ", ...)
|
Tagging subscribers to this area: @dotnet/area-system-security, @bartonjs, @vcsjones |
PranavSenthilnathan
force-pushed
the
mldsa-downlevel
branch
from
be29f34 to
3699d96
Compare
| <data name="Cryptography_MLDsaNoSecretKey" xml:space="preserve"> | ||
| <value>The current instance does not contain a secret key.</value> | ||
| </data> |
There was a problem hiding this comment.
Secret Key vs Decapsulation Key means that to share this with ML-KEM we'd have to parameterize it. But MLDsaNoSeed and MLKemNoSeed seem pretty sharable. Do we really need the same string twice under two names?
There was a problem hiding this comment.
I can put this in a future PR to avoid merge conflicts since MLKemNoSeed is still in PR pending merge. I like the logical separation of ML-KEM and ML-DSA but it is unfortunate that it would result in more resources in the dll.
There was a problem hiding this comment.
Mine's not even approved yet, so if you want to rename yours to something like Cryptography_PqcNoSeed I can merge in main when you merge and then use the de-duped name.
There was a problem hiding this comment.
The CI is going to be green for this besides the known test failures, so it's probably faster for me to merge and you to change the name rather than both of us waiting for CI.
And fix failing tests.
Fixes #116598