The latest enhancement to wolfSSL’s ML-DSA (Module-Lattice-Based Digital Signature Algorithm) implementation solidifies interoperability with OpenSSL-generated cryptographic keys. This update introduces support for importing ML-DSA private keys that have been encoded using OpenSSL’s DER format.
The new functionality extends the ASN.1 parsing logic to recognize and correctly decode an ASN.1 encoding structure that OpenSSL uses for ML-DSA private keys. This enhancement ensures that developers can generate keys using OpenSSL’s genpkey utility with the ML-DSA-44, ML-DSA-65, or ML-DSA-87 algorithms and then import those keys directly into wolfSSL-based applications.
From a technical perspective, the update introduces an alternative DER prefix format that accommodates OpenSSL’s encoding structure. Previously, we only support the format that was generated by the OQS Provider. This enhancement is particularly valuable for organizations transitioning to post-quantum cryptography, as it enables them to interoperate with openSSL’s implementation as well as the OQS provider’s implementation.
Afraid of getting locked out of an ecosystem because you can interoperate with one implementation but not the other? Stick with wolfSSL’s libraries and you’ll never worry about that again.
If you have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.
Download wolfSSL Now