Changes w.r.t. ML-DSA CertificateRequest PR

krwq · krwq · commit 727a0bc913ee · 2025-04-11T15:33:48.000+02:00
diff --git a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/MLDsa/MLDsaTests.cs b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/MLDsa/MLDsaTests.cs
@@ -38,32 +38,18 @@ private static bool PlatformSupportsMLDsa()
         [Fact]
         public static void DisposeIsCalledOnImplementation()
         {
-            DisposeCallsCountingMLDsa mldsa = new DisposeCallsCountingMLDsa(MLDsaAlgorithm.MLDsa44);
+            MLDsaTestImplementation mldsa = MLDsaTestImplementation.CreateNoOp(MLDsaAlgorithm.MLDsa44);
+            int numberOfTimesDisposeCalled = 0;
+            mldsa.DisposeHook = (disposing) =>
+            {
+                numberOfTimesDisposeCalled++;
+            };
 
-            Assert.Equal(0, mldsa.NumberOfTimesDisposeCalled);
+            Assert.Equal(0, numberOfTimesDisposeCalled);
             mldsa.Dispose();
-            Assert.Equal(1, mldsa.NumberOfTimesDisposeCalled);
+            Assert.Equal(1, numberOfTimesDisposeCalled);
             mldsa.Dispose();
-            Assert.Equal(1, mldsa.NumberOfTimesDisposeCalled);
-        }
-
-        private class DisposeCallsCountingMLDsa : MLDsa
-        {
-            public DisposeCallsCountingMLDsa(MLDsaAlgorithm algorithm) : base(algorithm)
-            {
-            }
-
-            internal int NumberOfTimesDisposeCalled { get; private set; } = 0;
-            protected override void ExportMLDsaPrivateSeedCore(Span<byte> destination) => throw new NotImplementedException();
-            protected override void ExportMLDsaPublicKeyCore(Span<byte> destination) => throw new NotImplementedException();
-            protected override void ExportMLDsaSecretKeyCore(Span<byte> destination) => throw new NotImplementedException();
-            protected override void SignDataCore(ReadOnlySpan<byte> data, ReadOnlySpan<byte> context, Span<byte> destination) => throw new NotImplementedException();
-            protected override bool VerifyDataCore(ReadOnlySpan<byte> data, ReadOnlySpan<byte> context, ReadOnlySpan<byte> signature) => throw new NotImplementedException();
-            protected override void Dispose(bool disposing)
-            {
-                NumberOfTimesDisposeCalled++;
-                base.Dispose(disposing);
-            }
+            Assert.Equal(1, numberOfTimesDisposeCalled);
         }
     }
 }
diff --git a/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/MLDsaImplementation.OpenSsl.cs b/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/MLDsaImplementation.OpenSsl.cs
@@ -36,27 +36,11 @@ internal static partial bool SupportsAny() =>
             Interop.Crypto.EvpPKeyMLDsaAlgs.MLDsa65 != null ||
             Interop.Crypto.EvpPKeyMLDsaAlgs.MLDsa87 != null;
 
-        internal MLDsaImplementation Duplicate()
-        {
-            return new MLDsaImplementation(Algorithm, _key.DuplicateHandle());
-        }
-
         internal SafeEvpPKeyHandle DuplicateHandle()
         {
             return _key.DuplicateHandle();
         }
 
-        // TODO: Delete this when public MLDsaOpenSsl is added.
-        internal static MLDsaImplementation FromHandle(MLDsaAlgorithm algorithm, SafeEvpPKeyHandle key)
-        {
-            Debug.Assert(key is not null);
-            Debug.Assert(!key.IsInvalid);
-            Debug.Assert(algorithm is not null);
-
-            ThrowIfNotSupported();
-            return new MLDsaImplementation(algorithm, key.DuplicateHandle());
-        }
-
         protected override void SignDataCore(ReadOnlySpan<byte> data, ReadOnlySpan<byte> context, Span<byte> destination) =>
             Interop.Crypto.MLDsaSignPure(_key, data, context, destination);
 
diff --git a/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/X509Certificates/OpenSslX509CertificateReader.cs b/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/X509Certificates/OpenSslX509CertificateReader.cs
@@ -615,10 +615,7 @@ public ECDiffieHellman GetECDiffieHellmanPublicKey()
                 return null;
             }
 
-            // TODO: Use MLDsaOpenSsl when it is available.
-            return MLDsaImplementation.FromHandle(
-                MLDsaAlgorithm.GetMLDsaAlgorithmFromOid(KeyAlgorithm)!,
-                _privateKey);
+            return new MLDsaOpenSsl(_privateKey);
         }
 
         private OpenSslX509CertificateReader CopyWithPrivateKey(SafeEvpPKeyHandle privateKey)
@@ -697,7 +694,10 @@ public ICertificatePal CopyWithPrivateKey(MLDsa privateKey)
                 return CopyWithPrivateKey(impl.DuplicateHandle());
             }
 
-            // TODO: Special case MLDsaOpenSsl when it is available.
+            if (privateKey is MLDsaOpenSsl implOpenSsl)
+            {
+                return CopyWithPrivateKey(implOpenSsl.DuplicateKeyHandle());
+            }
 
             using (MLDsaImplementation clone = MLDsaImplementation.DuplicatePrivateKey(privateKey))
             {

Original file line number	Diff line number	Diff line change
`@@ -615,10 +615,7 @@ public ECDiffieHellman GetECDiffieHellmanPublicKey()`
`615`	`615`	`return null;`
`616`	`616`	`}`
`617`	`617`
`618`		`- // TODO: Use MLDsaOpenSsl when it is available.`
`619`		`- return MLDsaImplementation.FromHandle(`
`620`		`- MLDsaAlgorithm.GetMLDsaAlgorithmFromOid(KeyAlgorithm)!,`
`621`		`- _privateKey);`
	`618`	`+ return new MLDsaOpenSsl(_privateKey);`
`622`	`619`	`}`
`623`	`620`
`624`	`621`	`private OpenSslX509CertificateReader CopyWithPrivateKey(SafeEvpPKeyHandle privateKey)`
`@@ -697,7 +694,10 @@ public ICertificatePal CopyWithPrivateKey(MLDsa privateKey)`
`697`	`694`	`return CopyWithPrivateKey(impl.DuplicateHandle());`
`698`	`695`	`}`
`699`	`696`
`700`		`- // TODO: Special case MLDsaOpenSsl when it is available.`
	`697`	`+ if (privateKey is MLDsaOpenSsl implOpenSsl)`
	`698`	`+ {`
	`699`	`+ return CopyWithPrivateKey(implOpenSsl.DuplicateKeyHandle());`
	`700`	`+ }`
`701`	`701`
`702`	`702`	`using (MLDsaImplementation clone = MLDsaImplementation.DuplicatePrivateKey(privateKey))`
`703`	`703`	`{`