Skip to content

Add multi-part operations for asymmetric signature #335

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
athoelke wants to merge 2 commits into
base: main
Choose a base branch
from
Open

Add multi-part operations for asymmetric signature #335

athoelke wants to merge 2 commits into from

Conversation

@athoelke
Copy link
Contributor

@athoelke athoelke commented Jan 28, 2026

This adds the new operations for multipart sign and multi-part verify for asymmetric signatures (previous discussions suggested these should be ditinct types).

  • Updated the Functionality chapter to indicate the availability of multi-part operations for signature (and added two missed additions in 1.4).
  • Extended the introduction to Asymmetric Signatures to describe the multi-part operations, and how they extend multi-part capability to message-signature algorithms.
  • Added/modified text in signature algorithms to reflect their compatibility with the mluti-part operations.
  • Modified the Notes in the single-part functions which recommended the use of a multi-part hash operation for fragmented messages.
  • Add new operation types and functions.

Fixes #319

@athoelke athoelke added this to the Crypto 1.5 milestone Jan 28, 2026
@athoelke athoelke self-assigned this Jan 28, 2026
@athoelke athoelke added enhancement New feature or request Crypto API Issue or PR related to the Cryptography API labels Jan 28, 2026
@athoelke
Copy link
Contributor Author

athoelke commented Jan 28, 2026

This needs to wait for the 1.4.1 publication to be finalised.

One aspect of the proposed API that might be debatable:

  • I've added context parameters to the setup functions, which can be zero-length (as per the _with_context single part functions). This seems to be a better approach than adding an additional, optional to call, xxx_set_context()function to each operation - which adds additional states and complexity to the implementation.

@athoelke athoelke moved this to In Progress in PSA Certified API development Jan 28, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@gilles-peskine-arm gilles-peskine-arm Awaiting requested review from gilles-peskine-arm

@MarcusJGStreets MarcusJGStreets Awaiting requested review from MarcusJGStreets

Assignees

@athoelke athoelke

Labels

Crypto API Issue or PR related to the Cryptography API enhancement New feature or request

Projects

PSA Certified API development
Status: In Progress

Milestone

Crypto 1.5

Development

Successfully merging this pull request may close these issues.

Add multi-part sign-message and verify-message operations (was 'Allow external mu to MLDSA sign/verify PSA APIs')

1 participant

@athoelke