Skip to content

feature: support for ML-DSA handshake signatures #5303

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
May 13, 2025
Merged

feature: support for ML-DSA handshake signatures #5303

merged 1 commit into from
May 13, 2025

Conversation

lrstewart
Copy link
Contributor

Release Summary:

Resolved issues:

related to #5257

Description of changes:

The last of the logic necessary to negotiate ML-DSA. I add the signature schemes, fix bugs in the auth selection logic that prevent ML-DSA from being chosen, and update TLS1.3 CertVerify to properly initialize the hash. After this PR, s2n-tls can handshake using ML-DSA.

Call-outs:

This PR is still trying to keep ML-DSA invisible to customers. There will be one last PR that makes it visible by adding documentation, updating "default_pq", adding integ tests, and adding a new value to the public s2n_tls_signature_algorithm enum. That's when we can consider ML-DSA done and announce it as available for use.

Testing:

New self-talk handshake tests.

Also, I manually tested a handshake against Openssl-3.5. Openssl command:

> openssl s_server -accept 8888 -cert tests/pems/mldsa/ML-DSA-44.crt -key tests/pems/mldsa/ML-DSA-44-seed.priv

s2n-tls command and output:

> s2nc localhost 8888 --ciphers "test_all_tls13" -i
libcrypto: AWS-LC 1.49.1
CONNECTED:
Handshake: NEGOTIATED|FULL_HANDSHAKE|MIDDLEBOX_COMPAT
Client hello version: 33
Client protocol version: 34
Server protocol version: 34
Actual protocol version: 34
Server name: localhost
Curve: x25519
Cipher negotiated: TLS_AES_128_GCM_SHA256
Server signature negotiated: None+None
Early Data status: NOT REQUESTED
Wire bytes in: 6718
Wire bytes out: 307
s2n is ready
Connected to localhost:8888

Notice that the "None" signature negotiated is because ML-DSA hasn't been added to s2n_tls_signature_algorithm yet.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@github-actions github-actions bot added the s2n-core team label May 9, 2025
@lrstewart lrstewart force-pushed the mldsa_6 branch 2 times, most recently from f3e0e8d to 477045c Compare May 9, 2025 05:40
@lrstewart lrstewart marked this pull request as ready for review May 9, 2025 06:50
@lrstewart lrstewart requested review from goatgoose and jmayclin May 9, 2025 06:50
goatgoose
goatgoose approved these changes May 13, 2025
View reviewed changes
@lrstewart lrstewart mentioned this pull request May 13, 2025
Closed
@lrstewart lrstewart added this pull request to the merge queue May 13, 2025
Merged via the queue into aws:main with commit 2a5844a May 13, 2025
46 checks passed
@lrstewart lrstewart deleted the mldsa_6 branch May 13, 2025 07:59
@BrewTestBot BrewTestBot mentioned this pull request May 22, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@goatgoose goatgoose goatgoose approved these changes

@jmayclin jmayclin jmayclin approved these changes

Assignees
No one assigned
Labels
s2n-core team
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@lrstewart @goatgoose @jmayclin