Skip to content

Add stubs for CompositeMLDsa APIs #118520

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

Add stubs for CompositeMLDsa APIs #118520

wants to merge 3 commits into from
+522 −0

Conversation

PranavSenthilnathan
Copy link
Member

Adds new approved APIs as stubs that throw PNSE. We anticipate requests to use Composite ML-DSA before .NET 11, so we will put the APIs in .NET 10 and implement them in a servicing update if/when necessary.

Contributes to #118320

@PranavSenthilnathan PranavSenthilnathan added this to the 10.0.0 milestone Aug 8, 2025
@PranavSenthilnathan PranavSenthilnathan self-assigned this Aug 8, 2025
@Copilot Copilot AI review requested due to automatic review settings August 8, 2025 08:25
@dotnet-policy-service Dotnet Policy Service
Copy link
Contributor

Tagging subscribers to this area: @dotnet/area-system-security, @bartonjs, @vcsjones
See info in area-owners.md if you want to be subscribed.

Copilot
Copilot AI reviewed Aug 8, 2025
View reviewed changes
Copy link
Contributor

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR adds stub implementations for Composite ML-DSA APIs in .NET 10 to enable early access before full implementation. The APIs are marked experimental and throw PlatformNotSupportedException to indicate they're not yet implemented.

Key changes:

  • Adds new CompositeMLDsaCng class with CNG-based implementation stubs
  • Extends X.509 certificate functionality with Composite ML-DSA support
  • Adds Composite ML-DSA support to CMS signing and certificate request operations

Reviewed Changes

Copilot reviewed 14 out of 14 changed files in this pull request and generated 2 comments.

Show a summary per file
File Description
X509SignatureGenerator.cs Adds CreateForCompositeMLDsa method stub
X509Certificate2.cs Adds methods for getting/setting Composite ML-DSA keys
PublicKey.cs Adds constructor for Composite ML-DSA keys
CertificateRequest.cs Adds constructors accepting Composite ML-DSA keys
Cng.NotSupported.cs Adds CompositeMLDsaCng stub for non-CNG platforms
System.Security.Cryptography.csproj Includes new CNG implementation files
System.Security.Cryptography.cs Adds reference assembly definitions
CmsSigner.cs Adds constructor accepting Composite ML-DSA private key
System.Security.Cryptography.Pkcs.netcoreapp.cs Adds CMS signer reference
X509CertificateKeyAccessors.cs Adds extension methods for Composite ML-DSA
Microsoft.Bcl.Cryptography.csproj Includes CNG files in BCL project
Microsoft.Bcl.Cryptography.Forwards.cs Adds type forwarding for CompositeMLDsaCng
CompositeMLDsaCng.cs New CNG implementation class definition
CompositeMLDsaCng.Windows.cs Windows-specific CNG implementation stubs

@PranavSenthilnathan
Copy link
Member Author

/cc @jeffhandley @artl93 Adding new PQC APIs for RC1

@build-analysis build-analysis bot mentioned this pull request Aug 8, 2025
Open
bartonjs
bartonjs reviewed Aug 8, 2025
View reviewed changes
@build-analysis build-analysis bot mentioned this pull request Aug 9, 2025
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vcsjones vcsjones vcsjones left review comments

@bartonjs bartonjs bartonjs left review comments

Copilot code review Copilot Copilot left review comments

At least 1 approving review is required to merge this pull request.

Assignees

@PranavSenthilnathan PranavSenthilnathan

Labels
area-System.Security
Projects
None yet
Milestone
10.0.0
Development

Successfully merging this pull request may close these issues.
3 participants
@PranavSenthilnathan @vcsjones @bartonjs