From: David Howells <dhowells@redhat.com>
To: Eric Biggers <ebiggers@kernel.org>
Cc: dhowells@redhat.com, Herbert Xu <herbert@gondor.apana.org.au>,
Luis Chamberlain <mcgrof@kernel.org>,
Petr Pavlu <petr.pavlu@suse.com>,
Daniel Gomez <da.gomez@kernel.org>,
Sami Tolvanen <samitolvanen@google.com>,
"Jason A . Donenfeld" <Jason@zx2c4.com>,
Ard Biesheuvel <ardb@kernel.org>,
Stephan Mueller <smueller@chronox.de>,
Lukas Wunner <lukas@wunner.de>,
Ignat Korchagin <ignat@cloudflare.com>,
linux-crypto@vger.kernel.org, keyrings@vger.kernel.org,
linux-modules@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH v7 2/8] crypto: Add ML-DSA/Dilithium verify support
Date: Wed, 12 Nov 2025 14:55:17 +0000 [thread overview]
Message-ID: <1232848.1762959317@warthog.procyon.org.uk> (raw)
In-Reply-To: <20251106192016.GA3318@quark>
Eric Biggers <ebiggers@kernel.org> wrote:
> As I mentioned before
> (https://lore.kernel.org/linux-crypto/20250613170456.GA1284@sol/), this
> code should go in lib/crypto/. There seems to be a clean API in
> crypto/ml_dsa/dilithium.h already. Just make that the library API.
It's not that simple, as it turns out. Various of the API structures are
dependent on the strength-specific #include magic stuff.
dilithium_{44,65,87}.h (or parts thereof) are used in the generation of those
structs.
Now, I can move all that stuff into one header file in include/crypto/, but
it's exposing a lot of the internals.
It also requires the caller to do some of the work in expanding the public key
and signature into those API structs, so it's probably better to wrap the
dilithium.h API to a simpler one with just init, update, fini and all-in-one
functions and have the crypto_sig interface call those (the helper functions
are pretty much the wrappers I need anyway).
David
next prev parent reply other threads:[~2025-11-12 14:55 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-11-06 17:44 [PATCH v7 0/8] lib/crypto: Add ML-DSA signing David Howells
2025-11-06 17:44 ` [PATCH v7 1/8] crypto: Add support for shake256 through crypto_shash David Howells
2025-11-06 17:44 ` [PATCH v7 2/8] crypto: Add ML-DSA/Dilithium verify support David Howells
2025-11-06 19:20 ` Eric Biggers
2025-11-07 10:34 ` David Howells
2025-11-12 14:55 ` David Howells [this message]
2025-11-06 17:44 ` [PATCH v7 3/8] crypto: Add ML-DSA-44 pure rejection test vectors as a kunit test David Howells
2025-11-06 17:44 ` [PATCH v7 4/8] crypto: Add ML-DSA-65 " David Howells
2025-11-06 17:44 ` [PATCH v7 5/8] crypto: Add ML-DSA-87 " David Howells
2025-11-06 17:44 ` [PATCH v7 6/8] pkcs7: Allow the signing algo to calculate the digest itself David Howells
2025-11-06 17:44 ` [PATCH v7 7/8] pkcs7, x509: Add ML-DSA support David Howells
2025-11-07 10:05 ` [PATCH v7 8/8] modsign: Enable ML-DSA module signing David Howells
2025-11-09 19:42 ` Elliott, Robert (Servers)
2025-11-07 18:32 ` [PATCH v7 0/8] lib/crypto: Add ML-DSA signing Stefan Berger
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1232848.1762959317@warthog.procyon.org.uk \
--to=dhowells@redhat.com \
--cc=Jason@zx2c4.com \
--cc=ardb@kernel.org \
--cc=da.gomez@kernel.org \
--cc=ebiggers@kernel.org \
--cc=herbert@gondor.apana.org.au \
--cc=ignat@cloudflare.com \
--cc=keyrings@vger.kernel.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-modules@vger.kernel.org \
--cc=lukas@wunner.de \
--cc=mcgrof@kernel.org \
--cc=petr.pavlu@suse.com \
--cc=samitolvanen@google.com \
--cc=smueller@chronox.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox