From 05a1475950c9720cefe74995da1af3ecef0317b5 Mon Sep 17 00:00:00 2001 From: Sean Turner Date: Thu, 17 Oct 2024 21:50:07 -0400 Subject: [PATCH] Move examples (#48) * Move examples Moved the examples to an Appendix. * fix {} count Co-authored-by: Daniel Van Geest * fix spelling Co-authored-by: Daniel Van Geest * fix {} count Co-authored-by: Daniel Van Geest * example is 768 * example is 768 * example is 768 --------- Co-authored-by: Daniel Van Geest --- draft-ietf-lamps-kyber-certificates.md | 104 ++++++++++++------------- 1 file changed, 50 insertions(+), 54 deletions(-) diff --git a/draft-ietf-lamps-kyber-certificates.md b/draft-ietf-lamps-kyber-certificates.md index e5f9661..7fc2fce 100644 --- a/draft-ietf-lamps-kyber-certificates.md +++ b/draft-ietf-lamps-kyber-certificates.md @@ -91,21 +91,10 @@ specifies algorithm identifiers and ASN.1 encoding format for ML-KEM in public key certificates. The encoding for public and private keys are also provided. -\[EDNOTE: -This document is not expected to be finalized before the NIST PQC -Project has standardized PQ algorithms. This specification will use -object identifiers for the new algorithms that are assigned by NIST, -and will use placeholders until these are released.] - --- middle # Introduction - - The Module-Lattice-Based Key-Encapsulation Mechanism (ML-KEM) standardized in {{!FIPS203=DOI.10.6028/NIST.FIPS.203}} is a quantum-resistant key-encapsulation mechanism (KEM) standardized by the US National Institute of Standards and Technology (NIST) @@ -244,20 +233,8 @@ The fields in SubjectPublicKeyInfo have the following meaning: algorithms defined in this document always encode the public key as TODO pick format e.g., exact multiple of 8 bits?. -The following is an example of a ML-KEM-512 public key encoded using the -textual encoding defined in {{?RFC7468}}: - - - -~~~ - -----BEGIN PUBLIC KEY----- - TODO insert example public key - -----END PUBLIC KEY------- -~~~ - +{{example-public}} contains an example of an id-alg-ml-kem-768 public key +encoded using the textual encoding defined in {{?RFC7468}}. # Private Key Format @@ -310,35 +287,6 @@ PqckemPrivateKey object and wrapped by the OCTET STRING of the PqckemPrivateKey ::= OCTET STRING ~~~ -The following is an example of a ML-KEM-512 private key encoded using the -textual encoding defined in {{RFC7468}}: - - - -~~~ - -----BEGIN PRIVATE KEY----- - TODO iser example private key - -----END PRIVATE KEY------- -~~~ - -The following example, in addition to encoding the ML-KEM-512 private key, -has an attribute included as well as the public key. As with the -prior example, the textual encoding defined in {{RFC7468}} is used: - - - -~~~ - -----BEGIN PRIVATE KEY----- - TODO insert example private key with attribute - -----END PRIVATE KEY------- -~~~ - +{{example-private}} contains an example of an id-alg-ml-kem-768 private key +encoded using the textual encoding defined in {{?RFC7468}}. + # ASN.1 Module TODO ASN.1 Module @@ -368,6 +319,51 @@ This document will have some IANA actions. --- back +# Examples {#examples} + +This appendix contains examples of ML-KEM public keys, private keys and certificates. + +## Example Public Key {#example-public} + +The following is an example of a ML-KEM-768 public key: + +~~~ + -----BEGIN PUBLIC KEY----- + TODO insert example public key + -----END PUBLIC KEY------- +~~~ + +## Example Private Key {#example-private} + +The following is an example of a ML-KEM-768 private key: + +~~~ + -----BEGIN PRIVATE KEY----- + TODO insert example private key + -----END PRIVATE KEY------- +~~~ + +The following example, in addition to encoding the ML-KEM-768 private key, +has an attribute included as well as the public key: + +~~~ + -----BEGIN PRIVATE KEY----- + TODO insert example private key with attribute + -----END PRIVATE KEY------- +~~~ + +## Example Certificate {#example-certificate} + +~~~ + TODO insert ASN.1 Pretty Print +~~~ + +~~~ + -----BEGIN CERTIFICATE----- + TODO Certificate + -----END CERTIFICATE------- +~~~ + # Acknowledgments {:numbered="false"}