Add unstable support for ML-DSA signature algorithms

djc · djc · commit daa9e600465d · 2025-05-07T17:00:13.000+02:00
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -382,4 +382,4 @@ jobs:
           cargo hack check
           --feature-powerset
           --no-dev-deps
-          --mutually-exclusive-features aws-lc-rs,aws-lc-rs-fips
+          --mutually-exclusive-features aws-lc-rs,aws-lc-rs-fips,__aws-lc-rs-unstable
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -71,14 +71,15 @@ name = "webpki"
 [features]
 default = ["std"]
 alloc = ["ring?/alloc", "pki-types/alloc"]
+__aws-lc-rs-unstable = ["aws-lc-rs", "aws-lc-rs/unstable"]
 aws-lc-rs = ["dep:aws-lc-rs", "aws-lc-rs/aws-lc-sys", "aws-lc-rs/prebuilt-nasm"]
 aws-lc-rs-fips = ["dep:aws-lc-rs", "aws-lc-rs/fips"]
 ring = ["dep:ring"]
 std = ["alloc", "pki-types/std"]
 
 [dependencies]
 aws-lc-rs = { version = "1.9", optional = true, default-features = false }
-pki-types = { package = "rustls-pki-types", version = "1.11", default-features = false }
+pki-types = { package = "rustls-pki-types", version = "1.12", default-features = false }
 ring = { version = "0.17", default-features = false, optional = true }
 untrusted = "0.9"
 
diff --git a/src/aws_lc_rs_algs.rs b/src/aws_lc_rs_algs.rs
@@ -1,3 +1,5 @@
+#[cfg(all(feature = "__aws-lc-rs-unstable", not(feature = "aws-lc-rs-fips")))]
+use aws_lc_rs::unstable;
 use aws_lc_rs::{signature, try_fips_mode};
 use pki_types::{AlgorithmIdentifier, InvalidSignature, SignatureVerificationAlgorithm, alg_id};
 
@@ -54,6 +56,30 @@ impl SignatureVerificationAlgorithm for AwsLcRsAlgorithm {
     }
 }
 
+/// ML-DSA signatures using the [4, 4] matrix (security strength category 2).
+#[cfg(all(feature = "__aws-lc-rs-unstable", not(feature = "aws-lc-rs-fips")))]
+pub static ML_DSA_44: &dyn SignatureVerificationAlgorithm = &AwsLcRsAlgorithm {
+    public_key_alg_id: alg_id::ML_DSA_44,
+    signature_alg_id: alg_id::ML_DSA_44,
+    verification_alg: &unstable::signature::MLDSA_44,
+};
+
+/// ML-DSA signatures using the [6, 5] matrix (security strength category 3).
+#[cfg(all(feature = "__aws-lc-rs-unstable", not(feature = "aws-lc-rs-fips")))]
+pub static ML_DSA_65: &dyn SignatureVerificationAlgorithm = &AwsLcRsAlgorithm {
+    public_key_alg_id: alg_id::ML_DSA_65,
+    signature_alg_id: alg_id::ML_DSA_65,
+    verification_alg: &unstable::signature::MLDSA_65,
+};
+
+/// ML-DSA signatures using the [8. 7] matrix (security strength category 5).
+#[cfg(all(feature = "__aws-lc-rs-unstable", not(feature = "aws-lc-rs-fips")))]
+pub static ML_DSA_87: &dyn SignatureVerificationAlgorithm = &AwsLcRsAlgorithm {
+    public_key_alg_id: alg_id::ML_DSA_87,
+    signature_alg_id: alg_id::ML_DSA_87,
+    verification_alg: &unstable::signature::MLDSA_87,
+};
+
 /// ECDSA signatures using the P-256 curve and SHA-256.
 pub static ECDSA_P256_SHA256: &dyn SignatureVerificationAlgorithm = &AwsLcRsAlgorithm {
     public_key_alg_id: alg_id::ECDSA_P256,
@@ -194,6 +220,12 @@ mod tests {
         // Algorithms deprecated because they are nonsensical combinations.
         super::ECDSA_P256_SHA384, // Truncates digest.
         super::ECDSA_P384_SHA256, // Digest is unnecessarily short.
+        #[cfg(all(feature = "__aws-lc-rs-unstable", not(feature = "aws-lc-rs-fips")))]
+        super::ML_DSA_44,
+        #[cfg(all(feature = "__aws-lc-rs-unstable", not(feature = "aws-lc-rs-fips")))]
+        super::ML_DSA_65,
+        #[cfg(all(feature = "__aws-lc-rs-unstable", not(feature = "aws-lc-rs-fips")))]
+        super::ML_DSA_87,
     ];
 
     const UNSUPPORTED_SIGNATURE_ALGORITHM_FOR_RSA_KEY: Error =
diff --git a/src/lib.rs b/src/lib.rs
@@ -113,6 +113,8 @@ pub mod aws_lc_rs {
         RSA_PKCS1_3072_8192_SHA384, RSA_PSS_2048_8192_SHA256_LEGACY_KEY,
         RSA_PSS_2048_8192_SHA384_LEGACY_KEY, RSA_PSS_2048_8192_SHA512_LEGACY_KEY,
     };
+    #[cfg(all(feature = "__aws-lc-rs-unstable", not(feature = "aws-lc-rs-fips")))]
+    pub use super::aws_lc_rs_algs::{ML_DSA_44, ML_DSA_65, ML_DSA_87};
 }
 
 /// An array of all the verification algorithms exported by this crate.
@@ -173,6 +175,12 @@ pub static ALL_VERIFICATION_ALGS: &[&dyn pki_types::SignatureVerificationAlgorit
     aws_lc_rs::RSA_PSS_2048_8192_SHA384_LEGACY_KEY,
     #[cfg(feature = "aws-lc-rs")]
     aws_lc_rs::RSA_PSS_2048_8192_SHA512_LEGACY_KEY,
+    #[cfg(all(feature = "__aws-lc-rs-unstable", not(feature = "aws-lc-rs-fips")))]
+    aws_lc_rs::ML_DSA_44,
+    #[cfg(all(feature = "__aws-lc-rs-unstable", not(feature = "aws-lc-rs-fips")))]
+    aws_lc_rs::ML_DSA_65,
+    #[cfg(all(feature = "__aws-lc-rs-unstable", not(feature = "aws-lc-rs-fips")))]
+    aws_lc_rs::ML_DSA_87,
 ];
 
 fn public_values_eq(a: untrusted::Input<'_>, b: untrusted::Input<'_>) -> bool {
