Conversation

@Jonaka3385

Adding providers for ML-DSA and AKP Public JWK.

Contains Server, Client and Signature Providers; Contains KeyProviders; Contains AKPPublicJWK; Currently works with BouncyCastlePQCProvider and Dilithium, will be changed to BouncyCastleProvider and ML-DSA when unknown error is resolved; Tests will be added; webauthn4j does not support ML-DSA at the moment.

Closes #43684

@stianst stianst self-assigned this Oct 31, 2025
@stianst stianst self-requested a review October 31, 2025 11:46
@stianst stianst (Contributor) left a comment

Nice work, will try to find time to look at this more in detail next week.

I suspect we need to descope the initial PR a bit though, especially since this will need tests added as well.

Honestly I'd probably start with just supporting one ML-DSA variant, let's say 44, not touch SAML, WebAuthN, etc.

That will reduce the size of the initial PR significantly.

@stianst stianst (Contributor) commented Oct 31, 2025

Why do you need BouncyCastlePQCProvider? Java 25 onwards support ML-DSA.

@Jonaka3385 Jonaka3385 (Author) commented

> Why do you need BouncyCastlePQCProvider? Java 25 onwards support ML-DSA.

I thought it would be good to have some backwards compatibility. With BouncyCastle, you can use Java 8 or later.

@stianst stianst (Contributor) left a comment

Done a partial review for now; two things we'll need: first, this needs to be wrapped in a feature and marked as experimental; second, we need tests.

In general this looks like a very good start.

@stianst stianst (Contributor) left a review comment

Remove

@stianst stianst (Contributor) commented Nov 7, 2025

In terms of testing and reviews it may be better to break this up slightly, so we can start getting things merged.

I would probably have broken this down into the following separate PRs:

  • JWK support
  • Keys
  • SignatureProviderFactory
  • ClientSignatureVerifierProviderFactory

Let me know what you think about that.

@Jonaka3385 Jonaka3385 (Author) commented

Thanks for the partial review. I’ve now changed Dilithium to ML-DSA, added some tests, and introduced a feature flag that hides ML-DSA in the Token Algorithm dropdown menu (let me know if that’s fine).
There are some tests (testsuite/integration-arquillian/tests/base/src/test/java/org/keycloak/testsuite/oauth/ClientAuthMLDSASignedJWTTest.java) that result in an HTTP error. As far as I know, this should be the only issue, but I haven’t figured out how to fix it yet.
Regarding the PR, I would only split it in 3 (JWK, keys, and then all SignatureProviders), but that's up to you.


public JWK akp(Key key, KeyUse keyUse) {
AKPPublicJWK k = new AKPPublicJWK();
byte[] encodedKey = key.getEncoded();
@stianst stianst (Contributor) left a review comment

This is not correct, but I have no idea what the correct way is or how to do it :/

}

byte[] decodedKey = Base64Url.decode(pub);
X509EncodedKeySpec keySpec = new X509EncodedKeySpec(decodedKey);
@stianst stianst (Contributor) left a review comment

This is not correct, but I have no idea what the correct way is or how to do it :/
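
The following Python block is an added example, not code from the PR or from Keycloak: it shows the mismatch the two review comments above point at, converting between the X.509 SubjectPublicKeyInfo DER that Java's key.getEncoded() and X509EncodedKeySpec work with and the raw ML-DSA public-key bytes an AKP JWK carries in "pub". It assumes the draft AKP layout (kty "AKP", raw key base64url-encoded without padding in "pub", alg "ML-DSA-44"/"ML-DSA-65"/"ML-DSA-87"), the NIST CSOR OIDs and FIPS 204 key sizes, and a constructed 1312-byte stand-in rather than a real key; the function names are mine.

```python
import base64
# NIST CSOR OIDs (DER contents) and FIPS 204 public-key sizes for the ML-DSA parameter sets (assumed).
ML_DSA_OIDS = {
    bytes.fromhex("608648016503040311"): ("ML-DSA-44", 1312),
    bytes.fromhex("608648016503040312"): ("ML-DSA-65", 1952),
    bytes.fromhex("608648016503040313"): ("ML-DSA-87", 2592),
}
OID_BY_ALG = {alg: oid for oid, (alg, _) in ML_DSA_OIDS.items()}
SAMPLE_RAW_44 = bytes(range(256)) * 5 + bytes(32)  # constructed 1312-byte stand-in, not a real key

def _der_len(n: int) -> bytes:  # DER length: short form below 0x80, else 0x80|count + big-endian bytes
    return bytes([n]) if n < 0x80 else bytes([0x80 | len(b := n.to_bytes((n.bit_length() + 7) // 8, "big"))]) + b

def _read_tlv(buf: bytes, pos: int):
    """Return (tag, contents, position after the element) for the DER TLV at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        length, pos = int.from_bytes(buf[pos:pos + (length & 0x7F)], "big"), pos + (length & 0x7F)
    return tag, buf[pos:pos + length], pos + length

def raw_to_spki(raw: bytes, alg: str) -> bytes:
    """Wrap raw ML-DSA public-key bytes in a SubjectPublicKeyInfo (the X509EncodedKeySpec form)."""
    oid = OID_BY_ALG[alg]
    if len(raw) != ML_DSA_OIDS[oid][1]:
        raise ValueError(f"{alg} public key must be {ML_DSA_OIDS[oid][1]} bytes, got {len(raw)}")
    alg_id = b"\x30" + _der_len(len(oid) + 2) + b"\x06" + _der_len(len(oid)) + oid  # no parameters
    bit_string = b"\x03" + _der_len(len(raw) + 1) + b"\x00" + raw  # leading 0x00 = no unused bits
    return b"\x30" + _der_len(len(alg_id) + len(bit_string)) + alg_id + bit_string

def spki_to_raw(spki: bytes) -> tuple:
    """Inverse of raw_to_spki: (alg name, raw bytes). Rejects non-ML-DSA OIDs and wrong sizes."""
    seq_tag, body, _ = _read_tlv(spki, 0)
    _, alg_id, pos = _read_tlv(body, 0)
    oid_tag, oid, _ = _read_tlv(alg_id, 0)
    bits_tag, bits, _ = _read_tlv(body, pos)
    if (seq_tag, oid_tag, bits_tag, bits[:1]) != (0x30, 0x06, 0x03, b"\x00"):
        raise ValueError("not a SubjectPublicKeyInfo with an OID and a byte-aligned BIT STRING")
    alg, size = ML_DSA_OIDS.get(oid, (None, 0))
    if alg is None or len(bits) - 1 != size:
        raise ValueError(f"not an ML-DSA key or wrong size: {len(bits) - 1} bytes for {alg}")
    return alg, bits[1:]

def akp_jwk_from_spki(spki: bytes) -> dict:
    """Build the AKP JWK: 'pub' carries the raw key bytes, base64url without padding."""
    alg, raw = spki_to_raw(spki)
    return {"kty": "AKP", "alg": alg, "pub": base64.urlsafe_b64encode(raw).rstrip(b"=").decode()}

def spki_from_akp_jwk(jwk: dict) -> bytes:
    """Reverse: decode 'pub' (re-adding padding) and re-wrap it as SPKI for the declared alg."""
    pub = jwk["pub"]
    return raw_to_spki(base64.urlsafe_b64decode(pub + "=" * (-len(pub) % 4)), jwk["alg"])
```

On a JDK with built-in ML-DSA (Java 25 per the thread) the same split applies: the re-wrapped SPKI is what KeyFactory.getInstance("ML-DSA").generatePublic(new X509EncodedKeySpec(...)) expects, and the header must be stripped from getEncoded() before base64url-encoding "pub".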

@stianst stianst (Contributor) commented Nov 14, 2025

Sent a PR to add AKP support for JWK parsing/building here:

#44203

Would be great if you could take a look; and as a next step create a separate PR with the keys. One thing to note there is that I migrated the keys tests to the new test suite, see #44130

@Jonaka3385 Jonaka3385 mentioned this pull request Nov 14, 2025
@Jonaka3385 Jonaka3385 force-pushed the MLDSA-support branch 3 times, most recently from 48c94ea to 0305696 Compare December 2, 2025 08:24
Signed-off-by: Jonas Kawohl <[email protected]>
Development

Successfully merging this pull request may close these issues.

Add ML-DSA SignatureProviderFactory and ClientSignatureVerifierProviderFactory

2 participants