Viktor,
Thank you very much! Very helpful!
$ openssl genpkey -algorithm mlkem1024 -outform PEM -out prkey-kem.pem -outpubkey pubkey-kem.pem
$ openssl genpkey -algorithm mldsa87 -outform PEM -out prkey-dsa.pem -outpubkey pubkey-dsa.pem
$ openssl pkey -pubin -in pubkey-kem.pem -text | head -10
$
$ openssl pkeyutl -encap -pubin -inkey pubkey-kem.pem -secret ss1.dat -out ctext.dat
$ openssl pkeyutl -decap -inkey prkey-kem.pem -out ss2.dat < ctext.dat
$ openssl dgst -sha256 -binary < ss1.dat | xxd -p -c32
6931e331b9ccb1267b90fcfc3a21707be9fdb2e3b8df160c552040cf151fb74b
$ openssl dgst -sha256 -binary < ss2.dat | xxd -p -c32
6931e331b9ccb1267b90fcfc3a21707be9fdb2e3b8df160c552040cf151fb74b
$
$ openssl version
OpenSSL 3.4.0 22 Oct 2024 (Library: OpenSSL 3.4.0 22 Oct 2024)
$
The above worked like a charm. I used the stable/released OpenSSL 3.4.0, with the current OQS provider installed (so, slightly different parameters).
Question: could you help me, using the two key-pairs above, create (a) a self-signed certificate for the ML-DSA-87 pubkey with ML-DSA-87 as signature algorithm, and SHA384 as hash, and (b) a certificate for the above ML-KEM-1024 public key signed by the above ML-DSA-87 key?
(Getting CSR and all the arguments seems to be a problem for me.)
Thanks again!
--
V/R,
Uri
There are two ways to design a system. One is to make it so simple there are obviously no deficiencies.
The other is to make it so complex there are no obvious deficiencies.
- C. A. R. Hoare
I was a shepherd to fools
Causelessly bold or afraid.
They would not abide by my rules.
Yet they escaped. For I stayed.
R. Kipling “Epitaphs of the War. Convoy Escort”
From: openssl-users@xxxxxxxxxxx <openssl-users@xxxxxxxxxxx> on behalf of Viktor Dukhovni <openssl-users@xxxxxxxxxxxx>
Date: Saturday, December 28, 2024 at 22:09
To: openssl-users@xxxxxxxxxxx <openssl-users@xxxxxxxxxxx>
Subject: [EXT] Re: How to generate ML-KEM key-pair?
On Tue, Dec 10, 2024 at 10:20:27PM +0000, Blumenthal, Uri - 0553 - MITLL wrote:
> I’m trying to generate an ML-KEM key-pair (well, and ML-DSA key-pair)
> using OpenSSL CLI, specifically “openssl genpkey”. I have
> OpenSSL-3.4.0 installed, and “oqs-provider” built from the “main”
> branch.
While I can't help you with OQS, the good news is that ML-KEM and ML-DSA
will likely soon have native support in the upcoming OpenSSL 3.5. The
ML-KEM code is a bit further along, though not yet even fully merged into
the feature branch, a bunch is still in various PRs...
$ openssl genpkey -algorithm ml-kem-512 -out /tmp/ml-512-key.pem
$ openssl pkey -in /tmp/ml-512-key.pem -pubout -out /tmp/ml-512-pub.pem
$ openssl pkeyutl -encap -inkey /tmp/ml-512-pub.pem -secret /tmp/encap.dat -out /tmp/ctext.dat
$ openssl pkeyutl -decap -inkey /tmp/ml-512-key.pem -secret /tmp/decap.dat < /tmp/ctext.dat
$ openssl dgst -sha256 -binary < /tmp/encap.dat | xxd -p -c32
351bc81516ab2b70cf30fbbfd92cbb819f56351460ce655929655c7f2fae7256
$ openssl dgst -sha256 -binary < /tmp/decap.dat | xxd -p -c32
351bc81516ab2b70cf30fbbfd92cbb819f56351460ce655929655c7f2fae7256
$ wc -c /tmp/*.dat
768 /tmp/ctext.dat
32 /tmp/decap.dat
32 /tmp/encap.dat
832 total
$ openssl pkey -in /tmp/ml-512-key.pem -text | sed -e '/pub:/q'
-----BEGIN PRIVATE KEY-----
MFICAQAwCwYJYIZIAWUDBAQBBECkAuecgpTeeI3c9gNy/bor/lneCg08n4A85VlG
wYGhm9CgcO/o2h/xPIjBJ1Ry2n5bCICerYwMjal/MeZ1ioDV
-----END PRIVATE KEY-----
ML-KEM-512 Private-Key:
priv:
a4:02:e7:9c:82:94:de:78:8d:dc:f6:03:72:fd:ba:
2b:fe:59:de:0a:0d:3c:9f:80:3c:e5:59:46:c1:81:
a1:9b:d0:a0:70:ef:e8:da:1f:f1:3c:88:c1:27:54:
72:da:7e:5b:08:80:9e:ad:8c:0c:8d:a9:7f:31:e6:
75:8a:80:d5
pub:
$ openssl pkey -in /tmp/ml-512-pub.pem -pubin -text | sed -e '/pub:/q'
-----BEGIN PUBLIC KEY-----
-----END PUBLIC KEY-----
ML-KEM-512 Public-Key:
pub:
[ The openssl-pkeyutl(1) support for encap/decap required some fixes. ]
--
Viktor.