Support HashML-DSA on Windows #117613

Merged
merged 9 commits into from
Jul 16, 2025
vcsjones
Member

@vcsjones vcsjones commented Jul 14, 2025

This introduces HashML-DSA on Windows through CNG ncrypt and bcrypt.

This also restricts what hash algorithms can be used by which ML-DSA parameter set. Windows currently enforces this, which has been brought to the base class for consistency. Windows may relax this requirement in the future.

Contributes to #113502

@Copilot Copilot AI review requested due to automatic review settings July 14, 2025 17:06
Contributor

Tagging subscribers to this area: @dotnet/area-system-security, @bartonjs, @vcsjones
See info in area-owners.md if you want to be subscribed.

Contributor

@Copilot Copilot AI left a comment

Pull Request Overview

This PR adds support for HashML-DSA (Hash-based ML-DSA) on Windows through CNG (Cryptography Next Generation) APIs. The implementation introduces platform-specific restrictions on hash algorithm and ML-DSA parameter combinations that Windows enforces, unlike the more permissive OpenSSL implementation.

Key changes include:

  • Implementation of HashML-DSA signing and verification for Windows using BCrypt and NCrypt APIs
  • Addition of hash algorithm mapping with Windows-specific restrictions
  • Updated test infrastructure to handle platform-specific algorithm combinations

Reviewed Changes

Copilot reviewed 13 out of 13 changed files in this pull request and generated 4 comments.

| File | Description |
| --- | --- |
| src/libraries/System.Security.Cryptography/src/System.Security.Cryptography.csproj | Added reference to new MLDsa.Windows.cs file |
| src/libraries/System.Security.Cryptography/src/Resources/Strings.resx | Added error message for unsupported hash/ML-DSA combinations |
| src/libraries/Microsoft.Bcl.Cryptography/src/System/Security/Cryptography/HashAlgorithmNames.cs | Added constants for MD5, SHAKE128, and SHAKE256 hash algorithms |
| src/libraries/Microsoft.Bcl.Cryptography/src/Resources/Strings.resx | Added error message for unsupported hash/ML-DSA combinations |
| src/libraries/Microsoft.Bcl.Cryptography/src/Microsoft.Bcl.Cryptography.csproj | Moved HashAlgorithmNames.cs to be available for all target frameworks |
| src/libraries/Common/tests/System/Security/Cryptography/HashInfo.cs | Updated hash algorithm names from "BOGUS-" prefixed to actual names |
| src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/MLDsa/MLDsaTestsData.cs | Updated test cases to handle Windows-specific restrictions |
| src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/MLDsa/MLDsaTestsBase.cs | Updated tests to use SHA-512 instead of SHA-256 and added Windows-specific restriction tests |
| src/libraries/Common/src/System/Security/Cryptography/MLDsaImplementation.Windows.cs | Implemented HashML-DSA signing and verification using BCrypt APIs |
| src/libraries/Common/src/System/Security/Cryptography/MLDsaCng.Windows.cs | Implemented HashML-DSA signing and verification using NCrypt APIs |
| src/libraries/Common/src/System/Security/Cryptography/MLDsa.Windows.cs | Added hash algorithm OID to CNG identifier mapping with Windows restrictions |
| src/libraries/Common/src/Interop/Windows/BCrypt/Interop.BCryptVerifySignature.cs | Added BCrypt signature verification method for pre-hashed data |
| src/libraries/Common/src/Interop/Windows/BCrypt/Interop.BCryptSignHash.cs | Added BCrypt signature creation method for pre-hashed data |

Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@vcsjones
Member Author

@bartonjs I think this can be ba-ged.

@bartonjs
Member

/ba-g None of the failures are relevant; the OSes applicable to this change all ran successfully.

@vcsjones vcsjones merged commit aa122ad into dotnet:main Jul 16, 2025
85 of 89 checks passed
@vcsjones vcsjones deleted the win-prehash-mldsa branch July 16, 2025 21:38
@vcsjones vcsjones added this to the 10.0.0 milestone Jul 24, 2025