Switch to ML-DSA

Cargo.toml

@@ -37,9 +37,9 @@ get-info-full = []
 large-blobs = []
 third-party-payment = []
 
-backend-dilithium2 = []
-backend-dilithium3 = []
-backend-dilithium5 = []
+backend-mldsa-44 = []
+backend-mldsa-65 = []
+backend-mldsa-87 = []
 
 log-all = []
 log-none = []

src/sizes.rs

@@ -30,17 +30,17 @@ pub const LARGE_BLOB_MAX_FRAGMENT_LENGTH: usize = 3008;
 
 // TODO: update these, and grab them from a common crate?
 cfg_if::cfg_if! {
-    if #[cfg(feature = "backend-dilithium5")] {
+    if #[cfg(feature = "backend-mldsa-87")] {
         pub const MAX_MESSAGE_LENGTH: usize = MAX_COMMITTMENT_LENGTH;
         pub const MAX_CREDENTIAL_ID_LENGTH: usize = 7523 + 57 + 30 + 37;
         pub const AUTHENTICATOR_DATA_LENGTH: usize = MAX_CREDENTIAL_ID_LENGTH + 2031; // TODO: this will have to be larger
         pub const ASN1_SIGNATURE_LENGTH: usize = 4627;
-    } else if #[cfg(feature = "backend-dilithium3")] {
+    } else if #[cfg(feature = "backend-mldsa-65")] {
         pub const MAX_MESSAGE_LENGTH: usize = MAX_COMMITTMENT_LENGTH;
         pub const MAX_CREDENTIAL_ID_LENGTH: usize =  6019 + 57 + 30 + 37;
         pub const AUTHENTICATOR_DATA_LENGTH: usize = MAX_CREDENTIAL_ID_LENGTH + 2031;
         pub const ASN1_SIGNATURE_LENGTH: usize = 3309;
-    } else if #[cfg(feature = "backend-dilithium2")] {
+    } else if #[cfg(feature = "backend-mldsa-44")] {
         pub const MAX_MESSAGE_LENGTH: usize = MAX_COMMITTMENT_LENGTH;
         pub const MAX_CREDENTIAL_ID_LENGTH: usize = 3907 + 57 + 30 + 37;
         pub const AUTHENTICATOR_DATA_LENGTH: usize = MAX_CREDENTIAL_ID_LENGTH + 2031; // TODO: this can be smaller

src/webauthn.rs

@@ -158,25 +158,25 @@ pub enum UnknownPKCredentialParam {
 pub const ES256: i32 = -7;
 /// EdDSA
 pub const ED_DSA: i32 = -8;
-/// Dilithium2
-#[cfg(feature = "backend-dilithium2")]
-pub const DILITHIUM2: i32 = -87;
-#[cfg(feature = "backend-dilithium3")]
-pub const DILITHIUM3: i32 = -88;
-#[cfg(feature = "backend-dilithium5")]
-pub const DILITHIUM5: i32 = -89;
+/// ML0DSA
+#[cfg(feature = "backend-mldsa-44")]
+pub const MLDSA44: i32 = -87;
+#[cfg(feature = "backend-mldsa-65")]
+pub const MLDSA65: i32 = -88;
+#[cfg(feature = "backend-mldsa-87")]
+pub const MLDSA87: i32 = -89;
 
 // Dynamically calculate the number of different known algorithms
 pub const COUNT_KNOWN_ALGS: usize =
-    2 + (if cfg!(feature = "backend-dilithium2") {
+    2 + (if cfg!(feature = "backend-mldsa-44") {
         1
     } else {
         0
-    }) + (if cfg!(feature = "backend-dilithium3") {
+    }) + (if cfg!(feature = "backend-mldsa-65") {
         1
     } else {
         0
-    }) + (if cfg!(feature = "backend-dilithium5") {
+    }) + (if cfg!(feature = "backend-mldsa-87") {
         1
     } else {
         0
@@ -185,12 +185,12 @@ pub const COUNT_KNOWN_ALGS: usize =
 pub const KNOWN_ALGS: [i32; COUNT_KNOWN_ALGS] = [
     ES256,
     ED_DSA,
-    #[cfg(feature = "backend-dilithium2")]
-    DILITHIUM2,
-    #[cfg(feature = "backend-dilithium3")]
-    DILITHIUM3,
-    #[cfg(feature = "backend-dilithium5")]
-    DILITHIUM5,
+    #[cfg(feature = "backend-mldsa-44")]
+    MLDSA44,
+    #[cfg(feature = "backend-mldsa-65")]
+    MLDSA65,
+    #[cfg(feature = "backend-mldsa-87")]
+    MLDSA87,
 ];
 
 impl TryFrom<PublicKeyCredentialParameters> for KnownPublicKeyCredentialParameters {