B Algorithm and key type encoding¶
These are encodings for PQC algorithms and keys defined in this extension. This information should be read in conjunction with [PSA-CRYPT] Appendix B.
Note
These encodings will be integrated into a future version of [PSA-CRYPT].
B.1 Algorithm encoding¶
B.1.1 Hash algorithm encoding¶
Additional hash algorithms defined by this extension are shown in Table 4. See also Hash algorithm encoding in [PSA-CRYPT] Appendix B.
Hash algorithm |
HASH-TYPE |
Algorithm identifier |
Algorithm value |
---|---|---|---|
SHA-256/192 |
|
|
|
SHAKE128/256 |
|
|
|
SHAKE256/192 |
|
|
|
SHAKE256/256 |
|
|
B.1.2 Asymmetric signature algorithm encoding¶
Additional signature algorithms defined by this extension are shown in Table 5. See also Asymmetric signature algorithm encoding in [PSA-CRYPT] Appendix B.
Signature algorithm |
SIGN-TYPE |
Algorithm identifier |
Algorithm value |
---|---|---|---|
Hedged SLH-DSA |
|
|
|
Deterministic SLH-DSA |
|
|
|
Hedged HashSLH-DSA |
|
|
|
Deterministic HashSLH-DSA |
|
|
|
Hedged ML-DSA |
|
|
|
Deterministic ML-DSA |
|
|
|
Hedged HashML-DSA |
|
|
|
Deterministic HashML-DSA |
|
|
|
LMS |
|
|
|
HSS |
|
|
|
XMSS |
|
|
|
XMSSMT |
|
|
hh
is the HASH-TYPE for the hash algorithm,hash
, used to construct the signature algorithm.
B.1.3 Key-encapsulation algorithm encoding¶
Additional key-encapsulation algorithms defined by this extension are shown in Table 6.
Encapsulation algorithm |
ENCAPS-TYPE |
Algorithm identifier |
Algorithm value |
---|---|---|---|
ML-KEM |
|
|
B.2 Key encoding¶
Additional asymmetric key types defined by this extension are shown in Table 7. See also Asymmetric key encoding in [PSA-CRYPT] Appendix B.
Asymmetric key type |
ASYM-TYPE |
Details |
---|---|---|
SLH-DSA |
3 |
B.2.1 Non-parameterized asymmetric key encoding¶
Additional non-parameterized asymmetric key types defined by this extension are shown in Table 8. See also Non-parameterized asymmetric key encoding in [PSA-CRYPT] Appendix B.
Key family |
Public/pair |
PAIR |
NP-FAMILY |
P |
Key type |
Key value |
---|---|---|---|---|---|---|
ML-DSA |
Public key |
0 |
1 |
0 |
|
|
Key pair |
3 |
1 |
0 |
|
||
ML-KEM |
Public key |
0 |
2 |
0 |
|
|
Key pair |
3 |
2 |
0 |
|
||
LMS |
Public key |
0 |
3 |
1 |
|
|
HSS |
Public key |
0 |
4 |
0 |
|
|
XMSS |
Public key |
0 |
5 |
1 |
|
|
XMSSMT |
Public key |
0 |
6 |
1 |
|
B.2.2 SLH-DSA key encoding¶
The key type for SLH-DSA keys defined in this specification are encoded as shown in Figure 1.
Figure 1 SLH-DSA key encoding¶
PAIR is either 0 for a public key, or 3 for a key pair.
The defined values for FAMILY and P are shown in Table 9.
SLH-DSA key family |
FAMILY |
P |
SLH-DSA family a |
Public-key value |
Key-pair value |
---|---|---|---|---|---|
SLH-DSA-SHA2-Ns |
0x01 |
0 |
|
|
|
SLH-DSA-SHA2-Nf |
0x02 |
0 |
|
|
|
SLH-DSA-SHAKE-Ns |
0x05 |
1 |
|
|
|
SLH-DSA-SHAKE-Nf |
0x06 |
1 |
|
|
The SLH-DSA family values defined in the API also include the parity bit. The key type value is constructed from the SLH-DSA family using either
PSA_KEY_TYPE_SLH_DSA_PUBLIC_KEY
(
family
)
orPSA_KEY_TYPE_SLH_DSA_KEY_PAIR
(
family
)
as required.