Skip to content

Add ML-DSA support#1124

Open
jku wants to merge 14 commits into
secure-systems-lab:mainfrom
jku:mldsa
Open

Add ML-DSA support#1124
jku wants to merge 14 commits into
secure-systems-lab:mainfrom
jku:mldsa

Conversation

@jku

@jku jku commented May 12, 2026

Copy link
Copy Markdown
Collaborator

This implements a proposed ML-DSA TAP: I think it's ready for review.

This currently enables the ML-DSA algorithms by default for signing but not for verify: this should allow merging before the TAP is finalized so we can add support in tuf-conformance.

The only unusual thing about the new key is the custom pre-hash with domain prefix: this is documented in the TAP.

Support is added to

  • SSLibKey (Verification in general)
  • Cryptosigner (Signing with keys-on-disk)
  • GCPsigner (Signing with Google Cloud KMS)

No dependencies are added but minimum cryptography version is bumped to 48: ML-DSA support was added in 47 already but support via openssl only became available in 48

The test code is from AI.

@jku

jku commented May 12, 2026

Copy link
Copy Markdown
Collaborator Author

Test run on GCP: https://github.com/secure-systems-lab/securesystemslib/actions/runs/25749092040/job/75620285276: looks ok.

There is a test TUF repo https://github.com/jku/pqc-test-repo2

]:
if not isinstance(private_key, RSAPrivateKey):
raise ValueError(f"invalid rsa key: {type(private_key)}")
assert_type("rsa", private_key, RSAPrivateKey)

@jku jku May 13, 2026

Copy link
Copy Markdown
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

all these assert tweaks are just to keep linter happy ("too many branches"): the functionality should not change

@jku jku mentioned this pull request May 13, 2026
Comment thread securesystemslib/signer/_crypto_signer.py Outdated
@jku

This comment was marked as outdated.

@jku jku marked this pull request as ready for review June 9, 2026 13:29
Comment thread securesystemslib/signer/_crypto_signer.py Outdated
@jku jku linked an issue Jun 21, 2026 that may be closed by this pull request
jku added 8 commits June 28, 2026 15:58
This is related to proposed TAP:
theupdateframework/taps#195

This currently enables the key for verification and signing for easier
testing: In reality we may want to leave the verify support disabled
until the TAP is approved.

This makes cryptography 48 a requirement
* we could make this more complicated with a separate feature
  but I'm not going to unless someone has a good reason for it
* ML-DSA support was added in 47 already but support via openssl
  only became available in 48

Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
The skip is for SSLibKey._verify: I think it makes sense
to be a longer function

Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
No need to make this more complicated until there is more than 1
key version

Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
@jku

jku commented Jun 28, 2026

Copy link
Copy Markdown
Collaborator Author

rebased on main

jku added 3 commits June 30, 2026 09:59
This way we can merge without the spec being finalized

Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
jku

This comment was marked as outdated.

This is just a helper method, not 100% required

Fix some nearby docstrings.

Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
Revert the version changes that are not 100% needed to avoid
unnecessary changes in pyproject.toml

Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
Signed-off-by: Jussi Kukkonen <jkukkonen@google.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Support ML-DSA

1 participant