tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

kernel / include / crypto / mldsa.h
at master 62 lines 2.1 kB view raw
1/* SPDX-License-Identifier: GPL-2.0-or-later */ 2/* 3 * Support for verifying ML-DSA signatures 4 * 5 * Copyright 2025 Google LLC 6 */ 7#ifndef _CRYPTO_MLDSA_H 8#define _CRYPTO_MLDSA_H 9 10#include <linux/types.h> 11 12/* Identifier for an ML-DSA parameter set */ 13enum mldsa_alg { 14 MLDSA44, /* ML-DSA-44 */ 15 MLDSA65, /* ML-DSA-65 */ 16 MLDSA87, /* ML-DSA-87 */ 17}; 18 19/* Lengths of ML-DSA public keys and signatures in bytes */ 20#define MLDSA44_PUBLIC_KEY_SIZE 1312 21#define MLDSA65_PUBLIC_KEY_SIZE 1952 22#define MLDSA87_PUBLIC_KEY_SIZE 2592 23#define MLDSA44_SIGNATURE_SIZE 2420 24#define MLDSA65_SIGNATURE_SIZE 3309 25#define MLDSA87_SIGNATURE_SIZE 4627 26 27/** 28 * mldsa_verify() - Verify an ML-DSA signature 29 * @alg: The ML-DSA parameter set to use 30 * @sig: The signature 31 * @sig_len: Length of the signature in bytes. Should match the 32 * MLDSA*_SIGNATURE_SIZE constant associated with @alg, 33 * otherwise -EBADMSG will be returned. 34 * @msg: The message 35 * @msg_len: Length of the message in bytes 36 * @pk: The public key 37 * @pk_len: Length of the public key in bytes. Should match the 38 * MLDSA*_PUBLIC_KEY_SIZE constant associated with @alg, 39 * otherwise -EBADMSG will be returned. 40 * 41 * This verifies a signature using pure ML-DSA with the specified parameter set. 42 * The context string is assumed to be empty. This corresponds to FIPS 204 43 * Algorithm 3 "ML-DSA.Verify" with the ctx parameter set to the empty string 44 * and the lengths of the signature and key given explicitly by the caller. 45 * 46 * Context: Might sleep 47 * 48 * Return: 49 * * 0 if the signature is valid 50 * * -EBADMSG if the signature and/or public key is malformed 51 * * -EKEYREJECTED if the signature is invalid but otherwise well-formed 52 * * -ENOMEM if out of memory so the validity of the signature is unknown 53 */ 54int mldsa_verify(enum mldsa_alg alg, const u8 *sig, size_t sig_len, 55 const u8 *msg, size_t msg_len, const u8 *pk, size_t pk_len); 56 57#if IS_ENABLED(CONFIG_CRYPTO_LIB_MLDSA_KUNIT_TEST) 58/* Internal function, exposed only for unit testing */ 59s32 mldsa_use_hint(u8 h, s32 r, s32 gamma2); 60#endif 61 62#endif /* _CRYPTO_MLDSA_H */