Add support for MLDSA keys (#631)

* WIP. * WIP * WIP Edit * Key selection. * WIP * WIP * Proxy through * WIP * Remove verify. * Migration. * Comment * Add param * Semi-offering key * Ignore updates if test build. * Fix rsa public key gen * Messily fix RSA * Remove 1024 bit rsa * Cleanup * Cleanup * MLDSA warning. * MLDSA working. * Strings. * Put back UI changes
2026-03-06 09:47:22 +01:00 · 2025-08-24 20:02:51 -07:00
parent e8c5336888
commit 828c61cb2f
8 changed files with 81 additions and 17 deletions
--- a/Sources/Packages/Sources/SecretKit/OpenSSH/OpenSSHPublicKeyWriter.swift
+++ b/Sources/Packages/Sources/SecretKit/OpenSSH/OpenSSHPublicKeyWriter.swift
@@ -17,6 +17,10 @@ public struct OpenSSHPublicKeyWriter: Sendable {
            openSSHIdentifier(for: secret.keyType).lengthAndData +
            ("nistp" + String(describing: secret.keyType.size)).lengthAndData +
            secret.publicKey.lengthAndData
+        case .mldsa:
+            // https://www.ietf.org/archive/id/draft-sfluhrer-ssh-mldsa-04.txt
+            openSSHIdentifier(for: secret.keyType).lengthAndData +
+            secret.publicKey.lengthAndData
        case .rsa:
            // https://datatracker.ietf.org/doc/html/rfc4253#section-6.6
            openSSHIdentifier(for: secret.keyType).lengthAndData +
@@ -72,8 +76,14 @@ extension OpenSSHPublicKeyWriter {
    /// - Returns: The OpenSSH identifier for the algorithm.
    public func openSSHIdentifier(for keyType: KeyType) -> String {
        switch (keyType.algorithm, keyType.size) {
-        case (.ecdsa, 256), (.ecdsa, 384):
-            "ecdsa-sha2-nistp" + String(describing: keyType.size)
+        case (.ecdsa, 256):
+            "ecdsa-sha2-nistp256"
+        case (.ecdsa, 384):
+            "ecdsa-sha2-nistp384"
+        case (.mldsa, 65):
+            "ssh-mldsa-65"
+        case (.mldsa, 87):
+            "ssh-mldsa-87"
        case (.rsa, _):
            "ssh-rsa"
        default:
--- a/Sources/Packages/Sources/SecretKit/OpenSSH/OpenSSHSignatureWriter.swift
+++ b/Sources/Packages/Sources/SecretKit/OpenSSH/OpenSSHSignatureWriter.swift
@@ -15,6 +15,9 @@ public struct OpenSSHSignatureWriter: Sendable {
        case .ecdsa:
            // https://datatracker.ietf.org/doc/html/rfc5656#section-3.1
            ecdsaSignature(signature, keyType: secret.keyType)
+        case .mldsa:
+            // https://datatracker.ietf.org/doc/html/draft-sfluhrer-ssh-mldsa-00#name-public-key-algorithms
+            mldsaSignature(signature, keyType: secret.keyType)
        case .rsa:
            // https://datatracker.ietf.org/doc/html/rfc4253#section-6.6
            rsaSignature(signature)
@@ -51,6 +54,15 @@ extension OpenSSHSignatureWriter {
        return mutSignedData
    }

+    func mldsaSignature(_ rawRepresentation: Data, keyType: KeyType) -> Data {
+        var mutSignedData = Data()
+        var sub = Data()
+        sub.append(OpenSSHPublicKeyWriter().openSSHIdentifier(for: keyType).lengthAndData)
+        sub.append(rawRepresentation.lengthAndData)
+        mutSignedData.append(sub.lengthAndData)
+        return mutSignedData
+    }
+
    func rsaSignature(_ rawRepresentation: Data) -> Data {
        var mutSignedData = Data()
        var sub = Data()
--- a/Sources/Packages/Sources/SecretKit/Types/Secret.swift
+++ b/Sources/Packages/Sources/SecretKit/Types/Secret.swift
@@ -35,6 +35,7 @@ public struct KeyType: Hashable, Sendable, Codable, CustomStringConvertible {
    
    public enum Algorithm: Hashable, Sendable, Codable {
        case ecdsa
+        case mldsa
        case rsa
    }

@@ -67,6 +68,8 @@ public struct KeyType: Hashable, Sendable, Codable, CustomStringConvertible {
            kSecAttrKeyTypeEC
        case .rsa:
            kSecAttrKeyTypeRSA
+        case .mldsa:
+            nil
        }
    }
    
--- a/Sources/Packages/Sources/SecureEnclaveSecretKit/SecureEnclaveStore.swift
+++ b/Sources/Packages/Sources/SecureEnclaveSecretKit/SecureEnclaveStore.swift
@@ -39,10 +39,10 @@ extension SecureEnclave {
                context = existing.context
            } else {
                let newContext = LAContext()
-                newContext.localizedCancelTitle = String(localized: "auth_context_request_deny_button")
+                newContext.localizedReason = String(localized: .authContextRequestSignatureDescription(appName: provenance.origin.displayName, secretName: secret.name))
+                newContext.localizedCancelTitle = String(localized: .authContextRequestDenyButton)
                context = newContext
            }
-            context.localizedReason = String(localized: "auth_context_request_signature_description_\(provenance.origin.displayName)_\(secret.name)")

            let queryAttributes = KeychainDictionary([
                kSecClass: Constants.keyClass,
@@ -68,8 +68,16 @@ extension SecureEnclave {

            switch (attributes.keyType.algorithm, attributes.keyType.size) {
            case (.ecdsa, 256):
-                let key = try CryptoKit.SecureEnclave.P256.Signing.PrivateKey(dataRepresentation: keyData)
+                let key = try CryptoKit.SecureEnclave.P256.Signing.PrivateKey(dataRepresentation: keyData, authenticationContext: context)
                return try key.signature(for: data).rawRepresentation
+            case (.mldsa, 65):
+                guard #available(macOS 26.0, *)  else { throw UnsupportedAlgorithmError() }
+                let key = try CryptoKit.SecureEnclave.MLDSA65.PrivateKey(dataRepresentation: keyData)
+                return try key.signature(for: data)
+            case (.mldsa, 87):
+                guard #available(macOS 26.0, *)  else { throw UnsupportedAlgorithmError() }
+                let key = try CryptoKit.SecureEnclave.MLDSA87.PrivateKey(dataRepresentation: keyData)
+                return try key.signature(for: data)
            default:
                throw UnsupportedAlgorithmError()
            }
@@ -115,6 +123,14 @@ extension SecureEnclave {
            case (.ecdsa, 256):
                let created = try CryptoKit.SecureEnclave.P256.Signing.PrivateKey(accessControl: access!)
                dataRep = created.dataRepresentation
+            case (.mldsa, 65):
+                guard #available(macOS 26.0, *) else { throw Attributes.UnsupportedOptionError() }
+                let created = try CryptoKit.SecureEnclave.MLDSA65.PrivateKey(accessControl: access!)
+                dataRep = created.dataRepresentation
+            case (.mldsa, 87):
+                guard #available(macOS 26.0, *) else { throw Attributes.UnsupportedOptionError() }
+                let created = try CryptoKit.SecureEnclave.MLDSA87.PrivateKey(accessControl: access!)
+                dataRep = created.dataRepresentation
            default:
                throw Attributes.UnsupportedOptionError()
            }
@@ -127,7 +143,8 @@ extension SecureEnclave {
                kSecClass: Constants.keyClass,
                kSecAttrService: Constants.keyTag,
                kSecUseDataProtectionKeychain: true,
-                kSecAttrAccount: String(decoding: secret.id, as: UTF8.self)
+                kSecAttrAccount: String(decoding: secret.id, as: UTF8.self),
+                kSecAttrCanSign: true,
            ])
            let status = SecItemDelete(deleteAttributes)
            if status != errSecSuccess {
@@ -156,6 +173,8 @@ extension SecureEnclave {
        public var supportedKeyTypes: [KeyType] {
            [
                .init(algorithm: .ecdsa, size: 256),
+                .init(algorithm: .mldsa, size: 65),
+                .init(algorithm: .mldsa, size: 87),
            ]
        }

@@ -205,6 +224,14 @@ extension SecureEnclave.Store {
                case (.ecdsa, 256):
                    let key = try CryptoKit.SecureEnclave.P256.Signing.PrivateKey(dataRepresentation: keyData)
                    publicKey = key.publicKey.x963Representation
+                case (.mldsa, 65):
+                    guard #available(macOS 26.0, *)  else { throw UnsupportedAlgorithmError() }
+                    let key = try CryptoKit.SecureEnclave.MLDSA65.PrivateKey(dataRepresentation: keyData)
+                    publicKey = key.publicKey.rawRepresentation
+                case (.mldsa, 87):
+                    guard #available(macOS 26.0, *)  else { throw UnsupportedAlgorithmError() }
+                    let key = try CryptoKit.SecureEnclave.MLDSA87.PrivateKey(dataRepresentation: keyData)
+                    publicKey = key.publicKey.rawRepresentation
                default:
                    throw UnsupportedAlgorithmError()
                }