Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Move examples #48

Merged
merged 8 commits into from
Oct 18, 2024
Merged

Move examples #48

Changes from 4 commits
Commits
Show all changes
8 commits
Select commit Hold shift + click to select a range
e8f43ce
Move examples
seanturner Oct 15, 2024
cc69f50
fix {} count
seanturner Oct 18, 2024
ca862be
fix spelling
seanturner Oct 18, 2024
f677315
fix {} count
seanturner Oct 18, 2024
0001279
example is 768
seanturner Oct 18, 2024
95776d9
example is 768
seanturner Oct 18, 2024
4a79829
example is 768
seanturner Oct 18, 2024
b4d14f3
Merge branch 'main' into seanturner-move-examples
seanturner Oct 18, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
104 changes: 50 additions & 54 deletions draft-ietf-lamps-kyber-certificates.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -101,21 +101,10 @@ specifies algorithm identifiers and ASN.1 encoding format for ML-KEM in
public key certificates. The encoding for public and private keys are
also provided.

\[EDNOTE:
This document is not expected to be finalized before the NIST PQC
Project has standardized PQ algorithms. This specification will use
object identifiers for the new algorithms that are assigned by NIST,
and will use placeholders until these are released.]

--- middle

# Introduction

<aside markdown="block">
WARNING: This I-D includes examples. These examples were generated
prior to NIST finalizing [DRAFTFIPS203].
</aside>

Module-Lattice-Based Key-Encapsulation Mechanism (ML-KEM), previously
known as known as Kyber, is a quantum-resistant key-encapsulation
mechanism (KEM) standardized by the US NIST PQC Project {{NIST-PQC}}
Expand Down Expand Up @@ -253,20 +242,8 @@ The fields in SubjectPublicKeyInfo have the following meaning:
algorithms defined in this document always encode the public key
as TODO pick format e.g., exact multiple of 8 bits?.

The following is an example of a ML-KEM-512 public key encoded using the
textual encoding defined in {{?RFC7468}}:

<aside markdown="block">
WARNING: This example was generated prior to NIST
finalizing [DRAFTFIPS203].
</aside>

~~~
-----BEGIN PUBLIC KEY-----
TODO insert example public key
-----END PUBLIC KEY-------
~~~

{{example-public}} contains an example of an id-alg-ml-kem-768 public key
encoded using the textual encoding defined in {{?RFC7468}}.

# Private Key Format

Expand Down Expand Up @@ -319,35 +296,6 @@ PqckemPrivateKey object and wrapped by the OCTET STRING of the
PqckemPrivateKey ::= OCTET STRING
~~~

The following is an example of a ML-KEM-512 private key encoded using the
textual encoding defined in {{RFC7468}}:

<aside markdown="block">
WARNING: This example was generated prior to NIST
finalizing [DRAFTFIPS203].
</aside>

~~~
-----BEGIN PRIVATE KEY-----
TODO iser example private key
-----END PRIVATE KEY-------
~~~

The following example, in addition to encoding the ML-KEM-512 private key,
has an attribute included as well as the public key. As with the
prior example, the textual encoding defined in {{RFC7468}} is used:

<aside markdown="block">
WARNING: This example was generated prior to NIST
finalizing [DRAFTFIPS203].
</aside>

~~~
-----BEGIN PRIVATE KEY-----
TODO insert example private key with attribute
-----END PRIVATE KEY-------
~~~

<aside markdown="block">
NOTE: There exist some private key import functions that have not
implemented the new ASN.1 structure OneAsymmetricKey that is defined in
Expand All @@ -357,6 +305,9 @@ prior example, the textual encoding defined in {{RFC7468}} is used:
key pair and widest ability to import the key.
</aside>

{{example-private}} contains an example of an id-alg-ml-kem-768 private key
encoded using the textual encoding defined in {{?RFC7468}}.

# ASN.1 Module

TODO ASN.1 Module
Expand All @@ -377,6 +328,51 @@ This document will have some IANA actions.

--- back

# Examples {#examples}

This appendix contains examples of ML-KEM public keys, private keys and certificates.

## Example Public Key {#example-public}

The following is an example of a ML-KEM-512 public key:
seanturner marked this conversation as resolved.
Show resolved Hide resolved

~~~
-----BEGIN PUBLIC KEY-----
TODO insert example public key
-----END PUBLIC KEY-------
~~~

## Example Private Key {#example-private}

The following is an example of a ML-KEM-512 private key:
seanturner marked this conversation as resolved.
Show resolved Hide resolved
seanturner marked this conversation as resolved.
Show resolved Hide resolved

~~~
-----BEGIN PRIVATE KEY-----
TODO insert example private key
-----END PRIVATE KEY-------
~~~

The following example, in addition to encoding the ML-KEM-512 private key,
seanturner marked this conversation as resolved.
Show resolved Hide resolved
has an attribute included as well as the public key:

~~~
-----BEGIN PRIVATE KEY-----
TODO insert example private key with attribute
-----END PRIVATE KEY-------
~~~

## Example Certificate {#example-certificate}

~~~
TODO insert ASN.1 Pretty Print
~~~

~~~
-----BEGIN CERTIFICATE-----
TODO Certificate
-----END CERTIFICATE-------
~~~

# Acknowledgments
{:numbered="false"}

Expand Down