diff options
| author | Eric Biggers <ebiggers@kernel.org> | 2026-02-02 14:15:52 -0800 |
|---|---|---|
| committer | Eric Biggers <ebiggers@kernel.org> | 2026-02-03 19:28:51 -0800 |
| commit | ffd42b6d0420c4be97cc28fd1bb5f4c29e286e98 (patch) | |
| tree | 1262a96860cba88fcdebb643524a241ee30c6518 | |
| parent | fbfeca74043777b48add294089cd4c4f68ed3377 (diff) | |
lib/crypto: mldsa: Clarify the documentation for mldsa_verify() slightly
mldsa_verify() implements ML-DSA.Verify with ctx='', so document this
more explicitly. Remove the one-liner comment above mldsa_verify()
which was somewhat misleading.
Reviewed-by: David Howells <dhowells@redhat.com>
Link: https://lore.kernel.org/r/20260202221552.174341-1-ebiggers@kernel.org
Signed-off-by: Eric Biggers <ebiggers@kernel.org>
| -rw-r--r-- | include/crypto/mldsa.h | 4 | ||||
| -rw-r--r-- | lib/crypto/mldsa.c | 1 |
2 files changed, 3 insertions, 2 deletions
diff --git a/include/crypto/mldsa.h b/include/crypto/mldsa.h index cf30aef29970..3ef2676787c9 100644 --- a/include/crypto/mldsa.h +++ b/include/crypto/mldsa.h @@ -39,7 +39,9 @@ enum mldsa_alg { * otherwise -EBADMSG will be returned. * * This verifies a signature using pure ML-DSA with the specified parameter set. - * The context string is assumed to be empty. + * The context string is assumed to be empty. This corresponds to FIPS 204 + * Algorithm 3 "ML-DSA.Verify" with the ctx parameter set to the empty string + * and the lengths of the signature and key given explicitly by the caller. * * Context: Might sleep * diff --git a/lib/crypto/mldsa.c b/lib/crypto/mldsa.c index ba0c0468956e..c96fddc4e7dc 100644 --- a/lib/crypto/mldsa.c +++ b/lib/crypto/mldsa.c @@ -525,7 +525,6 @@ static size_t encode_w1(u8 out[MAX_W1_ENCODED_LEN], return pos; } -/* Reference: FIPS 204 Section 6.3 "ML-DSA Verifying (Internal)" */ int mldsa_verify(enum mldsa_alg alg, const u8 *sig, size_t sig_len, const u8 *msg, size_t msg_len, const u8 *pk, size_t pk_len) { |