Early Preview
This is currently very much a preview. Please feel free to try things out,
but don't be upset if anything is not yet working. Feedback is welcome over on our
GitHub Dicussions page.
class System.Security.Cryptography.MLDsaOpenSsl
Assembly: System.Security.Cryptography
Inheritance: object → MLDsa → MLDsaOpenSsl
Implemented Interfaces
- IDisposable Implemented by: MLDsa
Represents an ML-DSA key backed by OpenSSL.
Properties
public
MLDsaAlgorithm
Algorithm
Gets the specific ML-DSA algorithm for this key.
Methods
protected
void
Dispose(bool disposing)
public
SafeEvpPKeyHandle
DuplicateKeyHandle()
Gets a <see cref="T:System.Security.Cryptography.SafeEvpPKeyHandle" /> representation of the cryptographic key.
Returns A <see cref="T:System.Security.Cryptography.SafeEvpPKeyHandle" /> representation of the cryptographic key.
protected
void
SignDataCore(ReadOnlySpan<byte> data,
ReadOnlySpan<byte> context,
Span<byte> destination)
protected
void
SignPreHashCore(ReadOnlySpan<byte> hash,
ReadOnlySpan<byte> context,
string hashAlgorithmOid,
Span<byte> destination)
protected
bool
VerifyDataCore(ReadOnlySpan<byte> data,
ReadOnlySpan<byte> context,
ReadOnlySpan<byte> signature)
protected
bool
VerifyPreHashCore(ReadOnlySpan<byte> hash,
ReadOnlySpan<byte> context,
string hashAlgorithmOid,
ReadOnlySpan<byte> signature)
public
void
Dispose()
Inherited from MLDsa
Releases all resources used by the <see cref="T:System.Security.Cryptography.MLDsa" /> class.
public
byte[]
ExportEncryptedPkcs8PrivateKey(ReadOnlySpan<byte> passwordBytes,
PbeParameters pbeParameters)
Inherited from MLDsa
Exports the current key in the PKCS#8 EncryptedPrivateKeyInfo format with a byte-based password.
Returns A byte array containing the PKCS#8 EncryptedPrivateKeyInfo representation of the this key.
passwordBytes
The bytes to use as a password when encrypting the key material.
pbeParameters
The password-based encryption (PBE) parameters to use when encrypting the key material.
public
byte[]
ExportEncryptedPkcs8PrivateKey(ReadOnlySpan<char> password,
PbeParameters pbeParameters)
Inherited from MLDsa
Exports the current key in the PKCS#8 EncryptedPrivateKeyInfo format with a char-based password.
Returns A byte array containing the PKCS#8 EncryptedPrivateKeyInfo representation of the this key.
password
The password to use when encrypting the key material.
pbeParameters
The password-based encryption (PBE) parameters to use when encrypting the key material.
public
byte[]
ExportEncryptedPkcs8PrivateKey(string password,
PbeParameters pbeParameters)
Inherited from MLDsa
Exports the current key in the PKCS#8 EncryptedPrivateKeyInfo format with a char-based password.
Returns A byte array containing the PKCS#8 EncryptedPrivateKeyInfo representation of the this key.
password
The password to use when encrypting the key material.
pbeParameters
The password-based encryption (PBE) parameters to use when encrypting the key material.
public
string
ExportEncryptedPkcs8PrivateKeyPem(ReadOnlySpan<byte> passwordBytes,
PbeParameters pbeParameters)
Inherited from MLDsa
<para>Exports the current key in a PEM-encoded representation of the PKCS#8 EncryptedPrivateKeyInfo representation of this key, using a byte-based password.</para>
Returns A string containing the PEM-encoded PKCS#8 EncryptedPrivateKeyInfo.
passwordBytes
The bytes to use as a password when encrypting the key material.
pbeParameters
The password-based encryption (PBE) parameters to use when encrypting the key material.
public
string
ExportEncryptedPkcs8PrivateKeyPem(ReadOnlySpan<char> password,
PbeParameters pbeParameters)
Inherited from MLDsa
<para>Exports the current key in a PEM-encoded representation of the PKCS#8 EncryptedPrivateKeyInfo representation of this key, using a char-based password.</para>
Returns A string containing the PEM-encoded PKCS#8 EncryptedPrivateKeyInfo.
password
The password to use when encrypting the key material.
pbeParameters
The password-based encryption (PBE) parameters to use when encrypting the key material.
public
string
ExportEncryptedPkcs8PrivateKeyPem(string password,
PbeParameters pbeParameters)
Inherited from MLDsa
<p>Exports the current key in a PEM-encoded representation of the PKCS#8 EncryptedPrivateKeyInfo representation of this key, using a char-based password.</p>
Returns A string containing the PEM-encoded PKCS#8 EncryptedPrivateKeyInfo.
password
The password to use when encrypting the key material.
pbeParameters
The password-based encryption (PBE) parameters to use when encrypting the key material.
public
byte[]
ExportMLDsaPrivateKey()
Inherited from MLDsa
Exports the current key in the FIPS 204 private key format.
Returns The FIPS 204 private key.
public
void
ExportMLDsaPrivateKey(Span<byte> destination)
Inherited from MLDsa
Exports the current key in the FIPS 204 private key format.
destination
<para>The buffer to receive the private key. Its length must be exactly <see cref="P:System.Security.Cryptography.MLDsaAlgorithm.PrivateKeySizeInBytes" />.</para>
public
byte[]
ExportMLDsaPrivateSeed()
Inherited from MLDsa
Exports the private seed in the FIPS 204 private seed format.
Returns The FIPS 204 private seed.
public
void
ExportMLDsaPrivateSeed(Span<byte> destination)
Inherited from MLDsa
Exports the private seed of the current key.
destination
<para>The buffer to receive the private seed. Its length must be exactly <see cref="P:System.Security.Cryptography.MLDsaAlgorithm.PrivateSeedSizeInBytes" />.</para>
public
byte[]
ExportMLDsaPublicKey()
Inherited from MLDsa
Exports the public-key portion of the current key in the FIPS 204 public key format.
Returns The FIPS 204 public key.
public
void
ExportMLDsaPublicKey(Span<byte> destination)
Inherited from MLDsa
Exports the public-key portion of the current key in the FIPS 204 public key format.
destination
<para>The buffer to receive the public key. Its length must be exactly <see cref="P:System.Security.Cryptography.MLDsaAlgorithm.PublicKeySizeInBytes" />.</para>
public
byte[]
ExportPkcs8PrivateKey()
Inherited from MLDsa
Exports the current key in the PKCS#8 PrivateKeyInfo format.
Returns A byte array containing the PKCS#8 PrivateKeyInfo representation of the this key.
public
string
ExportPkcs8PrivateKeyPem()
Inherited from MLDsa
Exports the current key in a PEM-encoded representation of the PKCS#8 PrivateKeyInfo format.
Returns <para>A string containing the PEM-encoded representation of the PKCS#8 PrivateKeyInfo representation of the public-key portion of this key.</para>
public
byte[]
ExportSubjectPublicKeyInfo()
Inherited from MLDsa
Exports the public-key portion of the current key in the X.509 SubjectPublicKeyInfo format.
Returns A byte array containing the X.509 SubjectPublicKeyInfo representation of the public-key portion of this key.
public
string
ExportSubjectPublicKeyInfoPem()
Inherited from MLDsa
<para>Exports the public-key portion of the current key in a PEM-encoded representation of the X.509 SubjectPublicKeyInfo format.</para>
Returns <para>A string containing the PEM-encoded representation of the X.509 SubjectPublicKeyInfo representation of the public-key portion of this key.</para>
public
byte[]
SignData(byte[] data,
byte[] context = null)
Inherited from MLDsa
Signs the specified data.
Returns ML-DSA signature for the specified data.
data
The data to sign.
context
<para>An optional context-specific value to limit the scope of the signature.</para> <para>The default value is <see langword="null" />.</para>
public
void
SignData(ReadOnlySpan<byte> data,
Span<byte> destination,
ReadOnlySpan<byte> context = null)
Inherited from MLDsa
Signs the specified data, writing the signature into the provided buffer.
data
The data to sign.
destination
<para>The buffer to receive the signature. Its length must be exactly <see cref="P:System.Security.Cryptography.MLDsaAlgorithm.SignatureSizeInBytes" />.</para>
context
<para>An optional context-specific value to limit the scope of the signature.</para> <para>The default value is an empty buffer.</para>
public
byte[]
SignMu(byte[] externalMu)
Inherited from MLDsa
Signs the specified externally computed signature mu (μ) value.
Returns ML-DSA signature for the specified mu value.
externalMu
The signature mu value to sign.
public
byte[]
SignMu(ReadOnlySpan<byte> externalMu)
Inherited from MLDsa
Signs the specified externally computed signature mu (μ) value.
Returns ML-DSA signature for the specified mu value.
externalMu
The signature mu value to sign.
public
void
SignMu(ReadOnlySpan<byte> externalMu,
Span<byte> destination)
Inherited from MLDsa
<para>Signs the specified externally computed signature mu (μ) value, writing the signature into the provided buffer.</para>
externalMu
The signature mu value to sign.
destination
<para>The buffer to receive the signature. Its length must be exactly <see cref="P:System.Security.Cryptography.MLDsaAlgorithm.SignatureSizeInBytes" />.</para>
public
byte[]
SignPreHash(byte[] hash,
string hashAlgorithmOid,
byte[] context = null)
Inherited from MLDsa
Signs the specified hash using the FIPS 204 pre-hash signing algorithm.
hash
The hash to sign.
hashAlgorithmOid
The OID of the hash algorithm used to create the hash.
context
<para>An optional context-specific value to limit the scope of the signature.</para> <para>The default value is <see langword="null" />.</para>
public
void
SignPreHash(ReadOnlySpan<byte> hash,
Span<byte> destination,
string hashAlgorithmOid,
ReadOnlySpan<byte> context = null)
Inherited from MLDsa
Signs the specified hash using the FIPS 204 pre-hash signing algorithm, writing the signature into the provided buffer.
hash
The hash to sign.
destination
<para>The buffer to receive the signature. Its length must be exactly <see cref="P:System.Security.Cryptography.MLDsaAlgorithm.SignatureSizeInBytes" />.</para>
hashAlgorithmOid
The OID of the hash algorithm used to create the hash.
context
<para>An optional context-specific value to limit the scope of the signature.</para> <para>The default value is an empty buffer.</para>
public
bool
TryExportEncryptedPkcs8PrivateKey(ReadOnlySpan<byte> passwordBytes,
PbeParameters pbeParameters,
Span<byte> destination,
Int32& bytesWritten)
Inherited from MLDsa
public
bool
TryExportEncryptedPkcs8PrivateKey(ReadOnlySpan<char> password,
PbeParameters pbeParameters,
Span<byte> destination,
Int32& bytesWritten)
Inherited from MLDsa
public
bool
TryExportEncryptedPkcs8PrivateKey(string password,
PbeParameters pbeParameters,
Span<byte> destination,
Int32& bytesWritten)
Inherited from MLDsa
public
bool
TryExportPkcs8PrivateKey(Span<byte> destination,
Int32& bytesWritten)
Inherited from MLDsa
public
bool
TryExportSubjectPublicKeyInfo(Span<byte> destination,
Int32& bytesWritten)
Inherited from MLDsa
public
bool
VerifyData(byte[] data,
byte[] signature,
byte[] context = null)
Inherited from MLDsa
Verifies that the specified signature is valid for this key and the provided data.
Returns <see langword="true" /> if the signature validates the data; otherwise, <see langword="false" /> .
data
The data to verify.
signature
The signature to verify.
context
<para>The context value which was provided during signing.</para> <para>The default value is <see langword="null" />.</para>
public
bool
VerifyData(ReadOnlySpan<byte> data,
ReadOnlySpan<byte> signature,
ReadOnlySpan<byte> context = null)
Inherited from MLDsa
Verifies that the specified signature is valid for this key and the provided data.
Returns <see langword="true" /> if the signature validates the data; otherwise, <see langword="false" /> .
data
The data to verify.
signature
The signature to verify.
context
<para>The context value which was provided during signing.</para> <para>The default value is an empty buffer.</para>
public
bool
VerifyMu(byte[] externalMu,
byte[] signature)
Inherited from MLDsa
Verifies that a digital signature is valid for the provided externally computed signature mu (μ) value.
Returns <p>
<code data-dev-comment-type="langword">true</code> if the digital signature is valid for the provided mu value; otherwise, <code data-dev-comment-type="langword">false</code>.</p>
externalMu
The signature mu value.
signature
The signature to verify.
public
bool
VerifyMu(ReadOnlySpan<byte> externalMu,
ReadOnlySpan<byte> signature)
Inherited from MLDsa
Verifies that a digital signature is valid for the provided externally computed signature mu (μ) value.
Returns <para>
<see langword="true" /> if the digital signature is valid for the provided mu value; otherwise, <see langword="false" />.</para>
externalMu
The signature mu value.
signature
The signature to verify.
public
bool
VerifyPreHash(byte[] hash,
byte[] signature,
string hashAlgorithmOid,
byte[] context = null)
Inherited from MLDsa
Verifies that the specified FIPS 204 pre-hash signature is valid for this key and the provided hash.
Returns <see langword="true" /> if the signature validates the hash; otherwise, <see langword="false" /> .
hash
The hash to verify.
signature
The signature to verify.
hashAlgorithmOid
The OID of the hash algorithm used to create the hash.
context
<para>The context value which was provided during signing.</para> <para>The default value is <see langword="null" />.</para>
public
bool
VerifyPreHash(ReadOnlySpan<byte> hash,
ReadOnlySpan<byte> signature,
string hashAlgorithmOid,
ReadOnlySpan<byte> context = null)
Inherited from MLDsa
Verifies that the specified FIPS 204 pre-hash signature is valid for this key and the provided hash.
Returns <see langword="true" /> if the signature validates the hash; otherwise, <see langword="false" /> .
hash
The hash to verify.
signature
The signature to verify.
hashAlgorithmOid
The OID of the hash algorithm used to create the hash.
context
<para>The context value which was provided during signing.</para> <para>The default value is an empty buffer.</para>
public
bool
Equals(object obj)
Inherited from object
protected
void
Finalize()
Inherited from object
public
int
GetHashCode()
Inherited from object
protected
object
MemberwiseClone()
Inherited from object
public
string
ToString()
Inherited from object