Skip to content

ML-DSA: Support deterministic signing#88

Open
mjdemilliano wants to merge 2 commits intowolfSSL:masterfrom
mjdemilliano:ml-dsa-deterministic-sign
Open

ML-DSA: Support deterministic signing#88
mjdemilliano wants to merge 2 commits intowolfSSL:masterfrom
mjdemilliano:ml-dsa-deterministic-sign

Conversation

@mjdemilliano
Copy link
Copy Markdown
Contributor

@mjdemilliano mjdemilliano commented Mar 24, 2026

No description provided.

@embhorn
Copy link
Copy Markdown
Member

embhorn commented Apr 7, 2026

@mjdemilliano is an approved contrinutor

@embhorn embhorn requested a review from danielinux April 7, 2026 12:24
@danielinux danielinux requested a review from Copilot April 8, 2026 06:19
Copilot AI reviewed Apr 8, 2026
View reviewed changes
Copy link
Copy Markdown

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds deterministic ML-DSA signature generation support by allowing callers to supply an explicit 32-byte seed, wiring the new wolfSSL APIs through the Python binding and adding test coverage for deterministic behavior.

Changes:

  • Add MlDsaPrivate.sign_with_seed() to generate deterministic signatures using a caller-provided seed (optionally with a context).
  • Extend the CFFI cdef with wc_dilithium_sign_msg_with_seed / wc_dilithium_sign_ctx_msg_with_seed.
  • Add a unit test validating deterministic re-signing and basic seed-length checking.

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 5 comments.

File Description
wolfcrypt/ciphers.py Introduces deterministic signing API and seed-length constant for ML-DSA private keys.
tests/test_mldsa.py Adds tests for deterministic signing behavior with a fixed seed.
scripts/build_ffi.py Exposes the new wolfSSL deterministic-signing functions to CFFI.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@danielinux danielinux self-assigned this Apr 8, 2026
danielinux
danielinux previously requested changes Apr 8, 2026
View reviewed changes
Copy link
Copy Markdown
Member

@danielinux danielinux left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please address copilot's commends

@mjdemilliano
Process Copilot comments
d86081c 
- Use constant from ciphers.py
- Raise ValueError or TypeError in sign_with_seed instead of assert
- Add missing test case
@mjdemilliano
Copy link
Copy Markdown
Contributor Author

mjdemilliano commented Apr 10, 2026

Resolved comments

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@dgarske dgarske dgarske approved these changes

@danielinux danielinux danielinux left review comments

Assignees

@wolfSSL-Bot wolfSSL-Bot

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@mjdemilliano @embhorn @danielinux @dgarske @wolfSSL-Bot