diff --git a/Sources/_CryptoExtras/MLDSA/MLDSA_boring.swift b/Sources/_CryptoExtras/MLDSA/MLDSA_boring.swift index 8b451fdd..5b417468 100644 --- a/Sources/_CryptoExtras/MLDSA/MLDSA_boring.swift +++ b/Sources/_CryptoExtras/MLDSA/MLDSA_boring.swift @@ -43,20 +43,13 @@ extension MLDSA { self.backing = try Backing(seed: seed) } - /// Initialize a ML-DSA-65 private key from a DER representation. + /// Initialize a ML-DSA-65 private key from a raw representation. /// - /// - Parameter derRepresentation: The DER representation of the private key. + /// - Parameter rawRepresentation: The private key bytes. /// - /// - Throws: `CryptoKitError.incorrectKeySize` if the DER representation is not the correct size. - public init(derRepresentation: some DataProtocol) throws { - self.backing = try Backing(derRepresentation: derRepresentation) - } - - /// Initialize a ML-DSA-65 private key from a PEM representation. - /// - /// - Parameter pemRepresentation: The PEM representation of the private key. - public init(pemRepresentation: String) throws { - self.backing = try Backing(pemRepresentation: pemRepresentation) + /// - Throws: `CryptoKitError.incorrectKeySize` if the raw representation is not the correct size. + public init(rawRepresentation: some DataProtocol) throws { + self.backing = try Backing(rawRepresentation: rawRepresentation) } /// The public key associated with this private key. @@ -79,7 +72,11 @@ extension MLDSA { static let bytesCount = Backing.bytesCount fileprivate final class Backing { - let pointer: UnsafeMutablePointer + private let pointer: UnsafeMutablePointer + + func withUnsafePointer(_ body: (UnsafePointer) throws -> T) rethrows -> T { + try body(self.pointer) + } /// Initialize a ML-DSA-65 private key from a random seed. init() throws { @@ -122,19 +119,19 @@ extension MLDSA { } } - /// Initialize a ML-DSA-65 private key from a DER representation. + /// Initialize a ML-DSA-65 private key from a raw representation. /// - /// - Parameter derRepresentation: The DER representation of the private key. + /// - Parameter rawRepresentation: The private key bytes. /// - /// - Throws: `CryptoKitError.incorrectKeySize` if the DER representation is not the correct size. - init(derRepresentation: some DataProtocol) throws { - guard derRepresentation.count == MLDSA.PrivateKey.Backing.bytesCount else { + /// - Throws: `CryptoKitError.incorrectKeySize` if the raw representation is not the correct size. + init(rawRepresentation: some DataProtocol) throws { + guard rawRepresentation.count == MLDSA.PrivateKey.Backing.bytesCount else { throw CryptoKitError.incorrectKeySize } self.pointer = UnsafeMutablePointer.allocate(capacity: 1) - try derRepresentation.regions.flatMap { $0 }.withUnsafeBufferPointer { buffer in + try rawRepresentation.regions.flatMap { $0 }.withUnsafeBufferPointer { buffer in let cbsPointer = UnsafeMutablePointer.allocate(capacity: 1) defer { cbsPointer.deallocate() } cbsPointer.pointee = CBS(data: buffer.baseAddress, len: buffer.count) @@ -145,14 +142,6 @@ extension MLDSA { } } - /// Initialize a ML-DSA-65 private key from a PEM representation. - /// - /// - Parameter pemRepresentation: The PEM representation of the private key. - convenience init(pemRepresentation: String) throws { - let document = try ASN1.PEMDocument(pemString: pemRepresentation) - try self.init(derRepresentation: document.derBytes) - } - /// The public key associated with this private key. var publicKey: PublicKey { PublicKey(privateKeyBacking: self) @@ -214,33 +203,19 @@ extension MLDSA { self.backing = Backing(privateKeyBacking: privateKeyBacking) } - /// Initialize a ML-DSA-65 public key from a DER representation. - /// - /// - Parameter derRepresentation: The DER representation of the public key. + /// Initialize a ML-DSA-65 public key from a raw representation. /// - /// - Throws: `CryptoKitError.incorrectKeySize` if the DER representation is not the correct size. - public init(derRepresentation: some DataProtocol) throws { - self.backing = try Backing(derRepresentation: derRepresentation) - } - - /// Initialize a ML-DSA-65 public key from a PEM representation. + /// - Parameter rawRepresentation: The public key bytes. /// - /// - Parameter pemRepresentation: The PEM representation of the public key. - public init(pemRepresentation: String) throws { - self.backing = try Backing(pemRepresentation: pemRepresentation) + /// - Throws: `CryptoKitError.incorrectKeySize` if the raw representation is not the correct size. + public init(rawRepresentation: some DataProtocol) throws { + self.backing = try Backing(rawRepresentation: rawRepresentation) } - /// The DER representation of the public key. - public var derRepresentation: Data { + /// The raw binary representation of the public key. + public var rawRepresentation: Data { get throws { - try self.backing.derRepresentation - } - } - - /// The PEM representation of the public key. - public var pemRepresentation: String { - get throws { - try self.backing.pemRepresentation + try self.backing.rawRepresentation } } @@ -264,22 +239,24 @@ extension MLDSA { init(privateKeyBacking: PrivateKey.Backing) { self.pointer = UnsafeMutablePointer.allocate(capacity: 1) - CCryptoBoringSSL_MLDSA65_public_from_private(self.pointer, privateKeyBacking.pointer) + let _ = privateKeyBacking.withUnsafePointer { privateKeyPtr in + CCryptoBoringSSL_MLDSA65_public_from_private(self.pointer, privateKeyPtr) + } } - /// Initialize a ML-DSA-65 public key from a DER representation. + /// Initialize a ML-DSA-65 public key from a raw representation. /// - /// - Parameter derRepresentation: The DER representation of the public key. + /// - Parameter rawRepresentation: The public key bytes. /// - /// - Throws: `CryptoKitError.incorrectKeySize` if the DER representation is not the correct size. - init(derRepresentation: some DataProtocol) throws { - guard derRepresentation.count == MLDSA.PublicKey.Backing.bytesCount else { + /// - Throws: `CryptoKitError.incorrectKeySize` if the raw representation is not the correct size. + init(rawRepresentation: some DataProtocol) throws { + guard rawRepresentation.count == MLDSA.PublicKey.Backing.bytesCount else { throw CryptoKitError.incorrectKeySize } self.pointer = UnsafeMutablePointer.allocate(capacity: 1) - try derRepresentation.regions.flatMap { $0 }.withUnsafeBufferPointer { buffer in + try rawRepresentation.regions.flatMap { $0 }.withUnsafeBufferPointer { buffer in let cbsPointer = UnsafeMutablePointer.allocate(capacity: 1) defer { cbsPointer.deallocate() } cbsPointer.pointee = CBS(data: buffer.baseAddress, len: buffer.count) @@ -290,16 +267,8 @@ extension MLDSA { } } - /// Initialize a ML-DSA-65 public key from a PEM representation. - /// - /// - Parameter pemRepresentation: The PEM representation of the public key. - convenience init(pemRepresentation: String) throws { - let document = try ASN1.PEMDocument(pemString: pemRepresentation) - try self.init(derRepresentation: document.derBytes) - } - - /// The DER representation of the public key. - var derRepresentation: Data { + /// The raw binary representation of the public key. + var rawRepresentation: Data { get throws { var cbb = CBB() // `CBB_init` can only return 0 on allocation failure, which we define as impossible. @@ -318,13 +287,6 @@ extension MLDSA { } } - /// The PEM representation of the public key. - var pemRepresentation: String { - get throws { - ASN1.PEMDocument(type: MLDSA.PublicKeyType, derBytes: try self.derRepresentation).pemString - } - } - /// Verify a signature for the given data. /// /// - Parameters: diff --git a/Tests/_CryptoExtrasTests/MLDSATests.swift b/Tests/_CryptoExtrasTests/MLDSATests.swift index b2d608f6..7a7f347a 100644 --- a/Tests/_CryptoExtrasTests/MLDSATests.swift +++ b/Tests/_CryptoExtrasTests/MLDSATests.swift @@ -97,27 +97,27 @@ final class MLDSATests: XCTestCase { let seed: [UInt8] = (0..<32).map { _ in UInt8.random(in: 0...255) } let key = try MLDSA.PrivateKey(seed: seed) let publicKey = key.publicKey - try encodedPublicKey.replaceSubrange(0..