Lines Matching +full:pre +full:- +full:set

1 ML-DSA Design
4 This document covers OpenSSL specific ML-DSA implementation details.
5 FIPS 204 clearly states most of the requirements of ML-DSA and has comprehensive
13 ML-DSA Parameters & Per algorithm Functions
14 -------------------------------------------
22 ML-DSA-44, ML-DSA-65 and ML-DSA-87.
24 ML-DSA only uses SHAKE-128 and SHAKE-256 for digest operations, so these digest
25 algorithms are pre-fetched and stored within a `ML_DSA` key.
26 Any functions that require these pre-fetched objects must pass either the key
27 or the pre-fetched object within the key as a parameter.
28 A temporary `EVP_MD_CTX` is created as needed and the shake object(s) are set
32 contained 2 `EVP_MD_CTXs` with the pre-fetched `EVP_MD` shake objects. It was
33 modified to match the ML-KEM code.
35 ML-DSA keys
36 ------------
38 Once loaded an 'ML-DSA-KEY' object contains either a public key or a
58 public and private key components are not changed once set.
69 Pure vs Pre Hashed Signature Generation
70 ----------------------------------------
72 The normal signing process (called Pure ML-DSA Signature Generation)
79 Pre Hash ML-DSA Signature Generation encode the message as
89 Currently OpenSSL does not support the Pre Hash variant as this does not sit
91 The user could do the encoding themselves and then set the settable to not
95 -------------
97 As only the one-shot implementation is required and the message is not digested
104 ----------------------------
116 -----------------
122 ----------------------------
131 ----------------------
133 At the time of writing, BoringSSL code only supported ML-DSA-65. Since there
139 ------------------------------------------------------
141 The symmetric modulus operation normally gives a result in the range -a/2 ...