1. Patchew
  2. linux
  3. View series

[PATCH] lib/crypto: mldsa: Clarify the documentation for mldsa_verify() slightly

Eric Biggers posted 1 patch 5 days, 13 hours ago 
include/crypto/mldsa.h | 4 +++-
lib/crypto/mldsa.c     | 1 -
2 files changed, 3 insertions(+), 2 deletions(-)
[PATCH] lib/crypto: mldsa: Clarify the documentation for mldsa_verify() slightly
Posted by Eric Biggers 5 days, 13 hours ago 
mldsa_verify() implements ML-DSA.Verify with ctx='', so document this
more explicitly.  Remove the one-liner comment above mldsa_verify()
which was somewhat misleading.

Signed-off-by: Eric Biggers <ebiggers@kernel.org>
---
 include/crypto/mldsa.h | 4 +++-
 lib/crypto/mldsa.c     | 1 -
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/include/crypto/mldsa.h b/include/crypto/mldsa.h
index cf30aef299706..3ef2676787c9e 100644
--- a/include/crypto/mldsa.h
+++ b/include/crypto/mldsa.h
@@ -37,11 +37,13 @@ enum mldsa_alg {
  * @pk_len: Length of the public key in bytes.  Should match the
  *	    MLDSA*_PUBLIC_KEY_SIZE constant associated with @alg,
  *	    otherwise -EBADMSG will be returned.
  *
  * This verifies a signature using pure ML-DSA with the specified parameter set.
- * The context string is assumed to be empty.
+ * The context string is assumed to be empty.  This corresponds to FIPS 204
+ * Algorithm 3 "ML-DSA.Verify" with the ctx parameter set to the empty string
+ * and the lengths of the signature and key given explicitly by the caller.
  *
  * Context: Might sleep
  *
  * Return:
  * * 0 if the signature is valid
diff --git a/lib/crypto/mldsa.c b/lib/crypto/mldsa.c
index ba0c0468956e2..c96fddc4e7dcf 100644
--- a/lib/crypto/mldsa.c
+++ b/lib/crypto/mldsa.c
@@ -523,11 +523,10 @@ static size_t encode_w1(u8 out[MAX_W1_ENCODED_LEN],
 			out[pos++] = w1->x[j] | (w1->x[j + 1] << 4);
 	}
 	return pos;
 }
 
-/* Reference: FIPS 204 Section 6.3 "ML-DSA Verifying (Internal)" */
 int mldsa_verify(enum mldsa_alg alg, const u8 *sig, size_t sig_len,
 		 const u8 *msg, size_t msg_len, const u8 *pk, size_t pk_len)
 {
 	const struct mldsa_parameter_set *params = &mldsa_parameter_sets[alg];
 	const int k = params->k, l = params->l;

base-commit: fbfeca74043777b48add294089cd4c4f68ed3377
-- 
2.52.0
Re: [PATCH] lib/crypto: mldsa: Clarify the documentation for mldsa_verify() slightly
Posted by David Howells 4 days, 13 hours ago 
Eric Biggers <ebiggers@kernel.org> wrote:

> mldsa_verify() implements ML-DSA.Verify with ctx='', so document this
> more explicitly.  Remove the one-liner comment above mldsa_verify()
> which was somewhat misleading.
> 
> Signed-off-by: Eric Biggers <ebiggers@kernel.org>

Reviewed-by: David Howells <dhowells@redhat.com>

Patchew 2.1-devel-b67e4c2

© 2016 - 2026 Red Hat, Inc.