From c0df1ac909afb61b65a7c48a5baee04b2aa30f93 Mon Sep 17 00:00:00 2001 From: Daniel Van Geest Date: Fri, 11 Oct 2024 12:31:06 +0100 Subject: [PATCH 1/5] Add ASN.1 module --- draft-ietf-lamps-kyber-certificates.md | 84 ++++++++++++++++++++++++-- 1 file changed, 79 insertions(+), 5 deletions(-) diff --git a/draft-ietf-lamps-kyber-certificates.md b/draft-ietf-lamps-kyber-certificates.md index d1d4b7e..07b8059 100644 --- a/draft-ietf-lamps-kyber-certificates.md +++ b/draft-ietf-lamps-kyber-certificates.md @@ -183,7 +183,7 @@ The fields in AlgorithmIdentifier have the following meanings: the algorithm identifier in the algorithm field. The AlgorithmIdentifier for a ML-KEM public key MUST use one of the -id-alg-ml-kem object identifiers listed below, based on the security +id-alg-ml-kem-* object identifiers listed below, based on the security level. The parameters field of the AlgorithmIdentifier for the ML-KEM public key MUST be absent. @@ -193,6 +193,17 @@ certificate extension MUST only contain keyEncipherment {{Section 4.2.1.3 of RFC5280}}. ~~~ + nistAlgorithms OBJECT IDENTIFIER ::= { joint-iso-ccitt(2) + country(16) us(840) organization(1) gov(101) csor(3) + nistAlgorithm(4) } + kems OBJECT IDENTIFIER ::= { nistAlgorithms 4 } + + id-alg-ml-kem-512 OBJECT IDENTIFIER ::= { kems 1 } + + id-alg-ml-kem-768 OBJECT IDENTIFIER ::= { kems 2 } + + id-alg-ml-kem-1024 OBJECT IDENTIFIER ::= { kems 3 } + pk-ml-kem-512 PUBLIC-KEY ::= { IDENTIFIER id-alg-ml-kem-512 -- KEY no ASN.1 wrapping -- 
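Review bot: The OID definitions added in the second hunk (`nistAlgorithms`, `kems`, `id-alg-ml-kem-512`, `-768`, `-1024`) are written out a second time in the ASN.1 module this same commit adds under `# ASN.1 Module {#asn1}`, so the arcs now live in two places that have to be kept identical by hand. If one copy drifts, implementers reading different sections would put different AlgorithmIdentifier values into certificates. I would add a sentence after the code block such as `These definitions are repeated from the ASN.1 module in {{asn1}}; if they differ, the module takes precedence.` The code block itself continues past the end of the hunk.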
@@ -357,10 +368,70 @@ prior example, the textual encoding defined in {{RFC7468}} is used: key pair and widest ability to import the key. -# ASN.1 Module +# ASN.1 Module {#asn1} + +~~~ + X509-ML-KEM-2024 + { iso(1) identified-organization(3) dod(6) + internet(1) security(5) mechanisms(5) pkix(7) id-mod(0) + id-mod-x509-ml-kem-2024(TBD2) } + + DEFINITIONS IMPLICIT TAGS ::= BEGIN + + EXPORTS ALL; + + IMPORTS + KEM-ALGORITHM + FROM KEMAlgorithmInformation-2023 -- [RFC 9629] + { iso(1) identified-organization(3) dod(6) internet(1) + security(5) mechanisms(5) pkix(7) id-mod(0) + id-mod-kemAlgorithmInformation-2023(109) }; + + -- + -- ML-KEM Identifiers + -- + + nistAlgorithms OBJECT IDENTIFIER ::= { joint-iso-ccitt(2) + country(16) us(840) organization(1) gov(101) csor(3) + nistAlgorithm(4) } + kems OBJECT IDENTIFIER ::= { nistAlgorithms 4 } + + id-alg-ml-kem-512 OBJECT IDENTIFIER ::= { kems 1 } + + id-alg-ml-kem-768 OBJECT IDENTIFIER ::= { kems 2 } + + id-alg-ml-kem-1024 OBJECT IDENTIFIER ::= { kems 3 } + + -- + -- ML-KEM Public Keys + -- + + pk-ml-kem-512 PUBLIC-KEY ::= { + IDENTIFIER id-alg-ml-kem-512 + -- KEY no ASN.1 wrapping -- + PARAMS ARE absent + CERT-KEY-USAGE { keyEncipherment } + --- PRIVATE-KEY no ASN.1 wrapping -- + } + + pk-ml-kem-768 PUBLIC-KEY ::= { + IDENTIFIER id-alg-ml-kem-768 + -- KEY no ASN.1 wrapping -- + PARAMS ARE absent + CERT-KEY-USAGE { keyEncipherment } + --- PRIVATE-KEY no ASN.1 wrapping -- + } -TODO ASN.1 Module + pk-ml-kem-1024 PUBLIC-KEY ::= { + IDENTIFIER id-alg-ml-kem-1024 + -- KEY no ASN.1 wrapping -- + PARAMS ARE absent + CERT-KEY-USAGE { keyEncipherment } + --- PRIVATE-KEY no ASN.1 wrapping -- + } + END +~~~ # Security Considerations 
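Review bot: `KEM-ALGORITHM` is imported from KEMAlgorithmInformation-2023, but nothing in the module refers to it; the definitions that follow use only `PUBLIC-KEY`. Either drop the import or add the objects it was meant for, because an unused import leaves readers wondering whether KEM-ALGORITHM definitions were left out. The trailing comments `--- PRIVATE-KEY no ASN.1 wrapping --` also open with three hyphens where the `-- KEY no ASN.1 wrapping --` line above them uses two; `-- PRIVATE-KEY no ASN.1 wrapping --` would match. Both points apply unchanged to the copy added as X509-ML-KEM-2024.asn in PATCH 2/5.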
@@ -372,8 +443,11 @@ The Security Considerations section of {{RFC5280}} applies to this specification # IANA Considerations -This document will have some IANA actions. - +For the ASN.1 Module in {{asn1}}, IANA is requested to assign an +object identifier (OID) for the module identifier (TBD2) with a +Description of "id-mod-x509-ml-kem-2024". The OID for the module +should be allocated in the "SMI Security for PKIX Module Identifier" +registry (1.3.6.1.5.5.7.0). --- back From 8a55a064e858eeb7963c5f92b78fb6c98c3ec1b2 Mon Sep 17 00:00:00 2001 From: Daniel Van Geest Date: Fri, 11 Oct 2024 14:18:10 +0100 Subject: [PATCH 2/5] Move ASN.1 module to .asn file, add missing IMPORT --- Makefile | 1 + X509-ML-KEM-2024.asn | 66 ++++++++++++++++++++++++++ draft-ietf-lamps-kyber-certificates.md | 63 ++---------------------- 3 files changed, 70 insertions(+), 60 deletions(-) create mode 100644 X509-ML-KEM-2024.asn diff --git a/Makefile b/Makefile index de46d56..f41b55e 100644 --- a/Makefile +++ b/Makefile @@ -1,3 +1,4 @@ +DEPS_FILES := X509-ML-KEM-2024.asn LIBDIR := lib include $(LIBDIR)/main.mk diff --git a/X509-ML-KEM-2024.asn b/X509-ML-KEM-2024.asn new file mode 100644 index 0000000..e1341cb --- /dev/null +++ b/X509-ML-KEM-2024.asn 
@@ -0,0 +1,66 @@ +X509-ML-KEM-2024 +{ iso(1) identified-organization(3) dod(6) + internet(1) security(5) mechanisms(5) pkix(7) id-mod(0) + id-mod-x509-ml-kem-2024(TBD2) } + +DEFINITIONS IMPLICIT TAGS ::= BEGIN + +EXPORTS ALL; + +IMPORTS + PUBLIC-KEY + FROM AlgorithmInformation-2009 -- RFC 5912 [X509ASN1] + { iso(1) identified-organization(3) dod(6) internet(1) + security(5) mechanisms(5) pkix(7) id-mod(0) + id-mod-algorithmInformation-02(58) } + + KEM-ALGORITHM + FROM KEMAlgorithmInformation-2023 -- [RFC 9629] + { iso(1) identified-organization(3) dod(6) internet(1) + security(5) mechanisms(5) pkix(7) id-mod(0) + id-mod-kemAlgorithmInformation-2023(109) }; + +-- +-- ML-KEM Identifiers +-- + +nistAlgorithms OBJECT IDENTIFIER ::= { joint-iso-ccitt(2) + country(16) us(840) organization(1) gov(101) csor(3) + nistAlgorithm(4) } +kems OBJECT IDENTIFIER ::= { nistAlgorithms 4 } + +id-alg-ml-kem-512 OBJECT IDENTIFIER ::= { kems 1 } + +id-alg-ml-kem-768 OBJECT IDENTIFIER ::= { kems 2 } + +id-alg-ml-kem-1024 OBJECT IDENTIFIER ::= { kems 3 } + +-- +-- ML-KEM Public Keys +-- + +pk-ml-kem-512 PUBLIC-KEY ::= { + IDENTIFIER id-alg-ml-kem-512 + -- KEY no ASN.1 wrapping -- + PARAMS ARE absent + CERT-KEY-USAGE { keyEncipherment } + --- PRIVATE-KEY no ASN.1 wrapping -- + } + +pk-ml-kem-768 PUBLIC-KEY ::= { + IDENTIFIER id-alg-ml-kem-768 + -- KEY no ASN.1 wrapping -- + PARAMS ARE absent + CERT-KEY-USAGE { keyEncipherment } + --- PRIVATE-KEY no ASN.1 wrapping -- + } + +pk-ml-kem-1024 PUBLIC-KEY ::= { + IDENTIFIER id-alg-ml-kem-1024 + -- KEY no ASN.1 wrapping -- + PARAMS ARE absent + CERT-KEY-USAGE { keyEncipherment } + --- PRIVATE-KEY no ASN.1 wrapping -- + } + +END diff --git a/draft-ietf-lamps-kyber-certificates.md b/draft-ietf-lamps-kyber-certificates.md index 07b8059..511332c 100644 --- a/draft-ietf-lamps-kyber-certificates.md +++ b/draft-ietf-lamps-kyber-certificates.md 
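Review bot: The module identifier still reads `id-mod-x509-ml-kem-2024(TBD2)`, and `TBD2` is not a number, so the file as committed will be rejected by an ASN.1 compiler at its header. Now that the module is a standalone .asn file, that is the first thing anyone trying to syntax-check it will run into, and the Makefile hunk in this patch only lists the file in `DEPS_FILES`, which does not look like a compile step. A comment above the header such as `-- TBD2 is a placeholder for the IANA-assigned module OID; substitute a number to compile --` would make the placeholder explicit until the assignment is made.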
@@ -371,66 +371,9 @@ prior example, the textual encoding defined in {{RFC7468}} is used: # ASN.1 Module {#asn1} ~~~ - X509-ML-KEM-2024 - { iso(1) identified-organization(3) dod(6) - internet(1) security(5) mechanisms(5) pkix(7) id-mod(0) - id-mod-x509-ml-kem-2024(TBD2) } - - DEFINITIONS IMPLICIT TAGS ::= BEGIN - - EXPORTS ALL; - - IMPORTS - KEM-ALGORITHM - FROM KEMAlgorithmInformation-2023 -- [RFC 9629] - { iso(1) identified-organization(3) dod(6) internet(1) - security(5) mechanisms(5) pkix(7) id-mod(0) - id-mod-kemAlgorithmInformation-2023(109) }; - - -- - -- ML-KEM Identifiers - -- - - nistAlgorithms OBJECT IDENTIFIER ::= { joint-iso-ccitt(2) - country(16) us(840) organization(1) gov(101) csor(3) - nistAlgorithm(4) } - kems OBJECT IDENTIFIER ::= { nistAlgorithms 4 } - - id-alg-ml-kem-512 OBJECT IDENTIFIER ::= { kems 1 } - - id-alg-ml-kem-768 OBJECT IDENTIFIER ::= { kems 2 } - - id-alg-ml-kem-1024 OBJECT IDENTIFIER ::= { kems 3 } - - -- - -- ML-KEM Public Keys - -- - - pk-ml-kem-512 PUBLIC-KEY ::= { - IDENTIFIER id-alg-ml-kem-512 - -- KEY no ASN.1 wrapping -- - PARAMS ARE absent - CERT-KEY-USAGE { keyEncipherment } - --- PRIVATE-KEY no ASN.1 wrapping -- - } - - pk-ml-kem-768 PUBLIC-KEY ::= { - IDENTIFIER id-alg-ml-kem-768 - -- KEY no ASN.1 wrapping -- - PARAMS ARE absent - CERT-KEY-USAGE { keyEncipherment } - --- PRIVATE-KEY no ASN.1 wrapping -- - } - - pk-ml-kem-1024 PUBLIC-KEY ::= { - IDENTIFIER id-alg-ml-kem-1024 - -- KEY no ASN.1 wrapping -- - PARAMS ARE absent - CERT-KEY-USAGE { keyEncipherment } - --- PRIVATE-KEY no ASN.1 wrapping -- - } - - END + +{::include X509-ML-KEM-2024.asn} + ~~~ # Security Considerations From fceaad6caf8aca6711196fa8cf46bf9e9a9c39ea Mon Sep 17 00:00:00 2001 From: Daniel Van Geest Date: Mon, 14 Oct 2024 11:12:19 +0100 Subject: [PATCH 3/5] Fix reference in ASN.1 --- X509-ML-KEM-2024.asn | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/X509-ML-KEM-2024.asn b/X509-ML-KEM-2024.asn index e1341cb..0a52ee7 100644 
--- a/X509-ML-KEM-2024.asn +++ b/X509-ML-KEM-2024.asn @@ -9,7 +9,7 @@ EXPORTS ALL; IMPORTS PUBLIC-KEY - FROM AlgorithmInformation-2009 -- RFC 5912 [X509ASN1] + FROM AlgorithmInformation-2009 -- [RFC 5912] { iso(1) identified-organization(3) dod(6) internet(1) security(5) mechanisms(5) pkix(7) id-mod(0) id-mod-algorithmInformation-02(58) } From 9afeb86b9820832bdefb18ff6f0e418de413a073 Mon Sep 17 00:00:00 2001 From: Sean Turner Date: Mon, 14 Oct 2024 11:23:34 -0400 Subject: [PATCH 4/5] Remove text about OIDs being added later --- draft-ietf-lamps-kyber-certificates.md | 9 --------- 1 file changed, 9 deletions(-) diff --git a/draft-ietf-lamps-kyber-certificates.md b/draft-ietf-lamps-kyber-certificates.md index 511332c..6b0a672 100644 --- a/draft-ietf-lamps-kyber-certificates.md +++ b/draft-ietf-lamps-kyber-certificates.md @@ -229,15 +229,6 @@ certificate extension MUST only contain keyEncipherment } ~~~ - - - - - # Subject Public Key Fields In the X.509 certificate, the subjectPublicKeyInfo field has the From d91a1360df0635f7ca4f18dee3acd775d0017a54 Mon Sep 17 00:00:00 2001 From: Daniel Van Geest Date: Tue, 15 Oct 2024 16:32:29 +0100 Subject: [PATCH 5/5] Apply suggestions from code review Co-authored-by: Sean Turner --- X509-ML-KEM-2024.asn | 27 ++++++++++++++++++++++++++ draft-ietf-lamps-kyber-certificates.md | 1 + 2 files changed, 28 insertions(+) diff --git a/X509-ML-KEM-2024.asn b/X509-ML-KEM-2024.asn index 0a52ee7..82f5fae 100644 --- a/X509-ML-KEM-2024.asn +++ b/X509-ML-KEM-2024.asn @@ -27,6 +27,7 @@ IMPORTS nistAlgorithms OBJECT IDENTIFIER ::= { joint-iso-ccitt(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithm(4) } + kems OBJECT IDENTIFIER ::= { nistAlgorithms 4 } id-alg-ml-kem-512 OBJECT IDENTIFIER ::= { kems 1 } 
@@ -35,6 +36,32 @@ id-alg-ml-kem-768 OBJECT IDENTIFIER ::= { kems 2 } id-alg-ml-kem-1024 OBJECT IDENTIFIER ::= { kems 3 } +-- + + -- + -- Public Key Algorithms + -- + -- To use the following with the PKIX1Explicit-2009 [RFC5912], replace the PublicKeyAlgorithms + -- therein with the following: + -- + -- PublicKeyAlgorithms PUBLIC-KEY ::= { + -- PKIXAlgs-2009.PublicKeys, + -- ..., + -- PKIX1-PSS-OAEP-Algorithms-2009.PublicKeys, + -- X509-ML-KEM-2024.PublicKeys } + + -- + -- Public Key (pk-) Algorithms + -- + + PublicKeys PUBLIC-KEY ::= { + -- This expands PublicKeys from RFC 5912 + pk-ml-kem-512 | + pk-ml-kem-768 | + pk-ml-kem-1024, + ... + } + -- -- ML-KEM Public Keys -- diff --git a/draft-ietf-lamps-kyber-certificates.md b/draft-ietf-lamps-kyber-certificates.md index 6b0a672..3b4690f 100644 --- a/draft-ietf-lamps-kyber-certificates.md +++ b/draft-ietf-lamps-kyber-certificates.md @@ -196,6 +196,7 @@ certificate extension MUST only contain keyEncipherment nistAlgorithms OBJECT IDENTIFIER ::= { joint-iso-ccitt(2) country(16) us(840) organization(1) gov(101) csor(3) nistAlgorithm(4) } + kems OBJECT IDENTIFIER ::= { nistAlgorithms 4 } id-alg-ml-kem-512 OBJECT IDENTIFIER ::= { kems 1 }
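Review bot: The added comment line `-- To use the following with the PKIX1Explicit-2009 [RFC5912], replace the PublicKeyAlgorithms` is well past the 72 columns that plain-text RFC output allows, and the module is pulled into the draft verbatim by the include; I would wrap it as `-- To use the following with PKIX1Explicit-2009 [RFC 5912],` followed by `-- replace the PublicKeyAlgorithms therein with the following:`. That spelling also matches the `[RFC 5912]` form PATCH 3/5 settled on in the IMPORTS comment. The first added line in the X509-ML-KEM-2024.asn hunk is a bare `--` followed by a blank line, which reads like a leftover from applying the review suggestion. The rest of the new block appears to be indented, while every other top-level definition in the file starts at column 0.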