Add stubs for CompositeMLDsa APIs#118520
Merged
PranavSenthilnathan merged 3 commits intodotnet:mainfrom Aug 11, 2025
Merged
Conversation
Contributor
|
Tagging subscribers to this area: @dotnet/area-system-security, @bartonjs, @vcsjones |
Contributor
There was a problem hiding this comment.
Pull Request Overview
This PR adds stub implementations for Composite ML-DSA APIs in .NET 10 to enable early access before full implementation. The APIs are marked experimental and throw PlatformNotSupportedException to indicate they're not yet implemented.
Key changes:
- Adds new
CompositeMLDsaCngclass with CNG-based implementation stubs - Extends X.509 certificate functionality with Composite ML-DSA support
- Adds Composite ML-DSA support to CMS signing and certificate request operations
Reviewed Changes
Copilot reviewed 14 out of 14 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
X509SignatureGenerator.cs |
Adds CreateForCompositeMLDsa method stub |
X509Certificate2.cs |
Adds methods for getting/setting Composite ML-DSA keys |
PublicKey.cs |
Adds constructor for Composite ML-DSA keys |
CertificateRequest.cs |
Adds constructors accepting Composite ML-DSA keys |
Cng.NotSupported.cs |
Adds CompositeMLDsaCng stub for non-CNG platforms |
System.Security.Cryptography.csproj |
Includes new CNG implementation files |
System.Security.Cryptography.cs |
Adds reference assembly definitions |
CmsSigner.cs |
Adds constructor accepting Composite ML-DSA private key |
System.Security.Cryptography.Pkcs.netcoreapp.cs |
Adds CMS signer reference |
X509CertificateKeyAccessors.cs |
Adds extension methods for Composite ML-DSA |
Microsoft.Bcl.Cryptography.csproj |
Includes CNG files in BCL project |
Microsoft.Bcl.Cryptography.Forwards.cs |
Adds type forwarding for CompositeMLDsaCng |
CompositeMLDsaCng.cs |
New CNG implementation class definition |
CompositeMLDsaCng.Windows.cs |
Windows-specific CNG implementation stubs |
.../System.Security.Cryptography/src/System/Security/Cryptography/X509Certificates/PublicKey.cs
Show resolved
Hide resolved
src/libraries/Common/src/System/Security/Cryptography/CompositeMLDsaCng.cs
Show resolved
Hide resolved
Member
Author
|
/cc @jeffhandley @artl93 Adding new PQC APIs for RC1 |
bartonjs
reviewed
Aug 8, 2025
...ryptography/src/System/Security/Cryptography/X509Certificates/X509CertificateKeyAccessors.cs
Outdated
Show resolved
Hide resolved
...ryptography/src/System/Security/Cryptography/X509Certificates/X509CertificateKeyAccessors.cs
Show resolved
Hide resolved
...ryptography/src/System/Security/Cryptography/X509Certificates/X509CertificateKeyAccessors.cs
Show resolved
Hide resolved
.../System.Security.Cryptography/src/System/Security/Cryptography/X509Certificates/PublicKey.cs
Outdated
Show resolved
Hide resolved
....Security.Cryptography/src/System/Security/Cryptography/X509Certificates/X509Certificate2.cs
Outdated
Show resolved
Hide resolved
vcsjones
reviewed
Aug 9, 2025
src/libraries/System.Security.Cryptography/src/System.Security.Cryptography.csproj
Outdated
Show resolved
Hide resolved
...ryptography/src/System/Security/Cryptography/X509Certificates/X509CertificateKeyAccessors.cs
Show resolved
Hide resolved
bartonjs
approved these changes
Aug 11, 2025
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Adds new approved APIs as stubs that throw PNSE. We anticipate requests to use Composite ML-DSA before .NET 11, so we will put the APIs in .NET 10 and implement them in a servicing update if/when necessary.
Contributes to #118320