Eric Biggers <[email protected]> wrote:
> As I mentioned before
> (https://lore.kernel.org/linux-crypto/20250613170456.GA1284@sol/), this
> code should go in lib/crypto/. There seems to be a clean API in
> crypto/ml_dsa/dilithium.h already. Just make that the library API.
It's not that simple, as it turns out. Various of the API structures are
dependent on the strength-specific #include magic stuff.
dilithium_{44,65,87}.h (or parts thereof) are used in the generation of those
structs.
Now, I can move all that stuff into one header file in include/crypto/, but
it's exposing a lot of the internals.
It also requires the caller to do some of the work in expanding the public key
and signature into those API structs, so it's probably better to wrap the
dilithium.h API to a simpler one with just init, update, fini and all-in-one
functions and have the crypto_sig interface call those (the helper functions
are pretty much the wrappers I need anyway).
David
