Address feedback

Author: krwq

src/libraries/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.Crypto.cs

@@ -5,6 +5,7 @@
 using System.Diagnostics;
 using System.Globalization;
 using System.Runtime.InteropServices;
+using System.Security.Cryptography;
 using System.Security.Cryptography.X509Certificates;
 using Microsoft.Win32.SafeHandles;
 
@@ -102,6 +103,29 @@ private static partial int CryptoNative_X509StoreSetVerifyTime(
         [LibraryImport(Libraries.CryptoNative, EntryPoint = "CryptoNative_CheckX509Hostname", StringMarshalling = StringMarshalling.Utf8)]
         internal static partial int CheckX509Hostname(SafeX509Handle x509, string hostname, int cchHostname);
 
+        [LibraryImport(Libraries.CryptoNative, StringMarshalling = StringMarshalling.Utf8)]
+        private static partial int CryptoNative_IsSignatureAlgorithmAvailable(string algorithm);
+
+        internal static string? IsSignatureAlgorithmAvailable(string algorithm)
+        {
+            const int Available = 1;
+            const int NotAvailable = 0;
+
+            int ret = CryptoNative_IsSignatureAlgorithmAvailable(algorithm);
+            return ret switch
+            {
+                Available => algorithm,
+                NotAvailable => null,
+                int other => throw Fail(other),
+            };
+
+            static CryptographicException Fail(int result)
+            {
+                Debug.Fail($"Unexpected result {result} from {nameof(CryptoNative_IsSignatureAlgorithmAvailable)}");
+                return new CryptographicException();
+            }
+        }
+
         internal static byte[] GetAsn1StringBytes(IntPtr asn1)
         {
             return GetDynamicBuffer(GetAsn1StringBytes, asn1);

src/libraries/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.EvpPKey.MLDsa.cs

@@ -12,168 +12,134 @@ internal static partial class Interop
 {
     internal static partial class Crypto
     {
-        [Experimental(Experimentals.PostQuantumCryptographyDiagId)]
-        internal static partial class EvpPKeyMLDsa
+        [LibraryImport(Libraries.CryptoNative, StringMarshalling = StringMarshalling.Utf8)]
+        private static partial SafeEvpPKeyHandle CryptoNative_MLDsaGenerateKey(string keyType, ReadOnlySpan<byte> seed, int seedLength);
+
+        internal static SafeEvpPKeyHandle MLDsaGenerateKey(string algorithmName, ReadOnlySpan<byte> seed)
         {
-            internal static string? MLDsa44 { get; }
-            internal static string? MLDsa65 { get; }
-            internal static string? MLDsa87 { get; }
+            SafeEvpPKeyHandle handle = CryptoNative_MLDsaGenerateKey(algorithmName, seed, seed.Length);
+            Debug.Assert(handle != null, "handle != null");
 
-            static EvpPKeyMLDsa()
+            if (handle.IsInvalid)
             {
-                CryptoInitializer.Initialize();
-
-                // Do not use property initializers for these because we need to ensure CryptoInitializer.Initialize
-                // is called first. Property initializers happen before cctors, so instead set the property after the
-                // initializer is run.
-                MLDsa44 = IsSignatureAlgorithmAvailable(MLDsaAlgorithm.MLDsa44.Name);
-                MLDsa65 = IsSignatureAlgorithmAvailable(MLDsaAlgorithm.MLDsa65.Name);
-                MLDsa87 = IsSignatureAlgorithmAvailable(MLDsaAlgorithm.MLDsa87.Name);
+                Exception ex = Interop.Crypto.CreateOpenSslCryptographicException();
+                handle.Dispose();
+                throw ex;
             }
 
-            [LibraryImport(Libraries.CryptoNative, StringMarshalling = StringMarshalling.Utf8)]
-            private static partial int CryptoNative_IsSignatureAlgorithmAvailable(string algorithm);
+            return handle;
+        }
 
-            private static string? IsSignatureAlgorithmAvailable(string algorithm)
-            {
-                const int Available = 1;
-                const int NotAvailable = 0;
-
-                int ret = CryptoNative_IsSignatureAlgorithmAvailable(algorithm);
-                return ret switch
-                {
-                    Available => algorithm,
-                    NotAvailable => null,
-                    int other => throw Fail(other),
-                };
-
-                static CryptographicException Fail(int result)
-                {
-                    Debug.Fail($"Unexpected result {result} from {nameof(CryptoNative_IsSignatureAlgorithmAvailable)}");
-                    return new CryptographicException();
-                }
-            }
+        [LibraryImport(Libraries.CryptoNative, StringMarshalling = StringMarshalling.Utf8)]
+        private static partial SafeEvpPKeyHandle CryptoNative_MLDsaImportSecretKey(string keyType, ReadOnlySpan<byte> sk, int skLength);
 
-            [LibraryImport(Libraries.CryptoNative, StringMarshalling = StringMarshalling.Utf8)]
-            private static partial SafeEvpPKeyHandle? CryptoNative_MLDsaGenerateKey(string keyType, ReadOnlySpan<byte> seed, int seedLength);
+        internal static SafeEvpPKeyHandle MLDsaImportSecretKey(string algorithmName, ReadOnlySpan<byte> sk)
+        {
+            SafeEvpPKeyHandle? handle = CryptoNative_MLDsaImportSecretKey(algorithmName, sk, sk.Length);
+            Debug.Assert(handle != null, "handle != null");
 
-            public static SafeEvpPKeyHandle MLDsaGenerateKey(string algorithmName, ReadOnlySpan<byte> seed)
+            if (handle.IsInvalid)
             {
-                SafeEvpPKeyHandle? handle = CryptoNative_MLDsaGenerateKey(algorithmName, seed, seed.Length);
-
-                if (handle == null || handle.IsInvalid)
-                {
-                    throw Interop.Crypto.CreateOpenSslCryptographicException();
-                }
-
-                return handle;
+                Exception ex = Interop.Crypto.CreateOpenSslCryptographicException();
+                handle.Dispose();
+                throw ex;
             }
 
-            [LibraryImport(Libraries.CryptoNative, StringMarshalling = StringMarshalling.Utf8)]
-            private static partial SafeEvpPKeyHandle? CryptoNative_MLDsaImportSecretKey(string keyType, ReadOnlySpan<byte> sk, int skLength);
+            return handle;
+        }
 
-            public static SafeEvpPKeyHandle MLDsaImportSecretKey(string algorithmName, ReadOnlySpan<byte> sk)
-            {
-                SafeEvpPKeyHandle? handle = CryptoNative_MLDsaImportSecretKey(algorithmName, sk, sk.Length);
+        [LibraryImport(Libraries.CryptoNative, StringMarshalling = StringMarshalling.Utf8)]
+        private static partial SafeEvpPKeyHandle CryptoNative_MLDsaImportPublicKey(string keyType, ReadOnlySpan<byte> pk, int pkLength);
 
-                if (handle == null || handle.IsInvalid)
-                {
-                    throw Interop.Crypto.CreateOpenSslCryptographicException();
-                }
+        internal static SafeEvpPKeyHandle MLDsaImportPublicKey(string algorithmName, ReadOnlySpan<byte> pk)
+        {
+            SafeEvpPKeyHandle handle = CryptoNative_MLDsaImportPublicKey(algorithmName, pk, pk.Length);
+            Debug.Assert(handle != null, "handle != null");
 
-                return handle;
+            if (handle.IsInvalid)
+            {
+                Exception ex = Interop.Crypto.CreateOpenSslCryptographicException();
+                handle.Dispose();
+                throw ex;
             }
 
-            [LibraryImport(Libraries.CryptoNative, StringMarshalling = StringMarshalling.Utf8)]
-            private static partial SafeEvpPKeyHandle? CryptoNative_MLDsaImportPublicKey(string keyType, ReadOnlySpan<byte> pk, int pkLength);
+            return handle;
+        }
+
+        [LibraryImport(Libraries.CryptoNative)]
+        private static partial int CryptoNative_MLDsaSignPure(
+            SafeEvpPKeyHandle pkey, IntPtr extraHandle,
+            ReadOnlySpan<byte> msg, int msgLength,
+            ReadOnlySpan<byte> context, int contextLength,
+            Span<byte> destination, int destinationLength);
+
+        internal static void MLDsaSignPure(
+            SafeEvpPKeyHandle pkey,
+            ReadOnlySpan<byte> msg,
+            ReadOnlySpan<byte> context,
+            Span<byte> destination)
+        {
+            int ret = CryptoNative_MLDsaSignPure(
+                pkey, pkey.ExtraHandle,
+                msg, msg.Length,
+                context, context.Length,
+                destination, destination.Length);
 
-            public static SafeEvpPKeyHandle MLDsaImportPublicKey(string algorithmName, ReadOnlySpan<byte> pk)
+            if (ret != 1)
             {
-                SafeEvpPKeyHandle? handle = CryptoNative_MLDsaImportPublicKey(algorithmName, pk, pk.Length);
+                throw Interop.Crypto.CreateOpenSslCryptographicException();
+            }
+        }
 
-                if (handle == null || handle.IsInvalid)
-                {
-                    throw Interop.Crypto.CreateOpenSslCryptographicException();
-                }
+        [LibraryImport(Libraries.CryptoNative)]
+        private static partial int CryptoNative_MLDsaVerifyPure(
+            SafeEvpPKeyHandle pkey, IntPtr extraHandle,
+            ReadOnlySpan<byte> msg, int msgLength,
+            ReadOnlySpan<byte> context, int contextLength,
+            ReadOnlySpan<byte> signature, int signatureLength);
+
+        internal static bool MLDsaVerifyPure(
+            SafeEvpPKeyHandle pkey,
+            ReadOnlySpan<byte> msg,
+            ReadOnlySpan<byte> context,
+            ReadOnlySpan<byte> signature)
+        {
+            int ret = CryptoNative_MLDsaVerifyPure(
+                pkey, pkey.ExtraHandle,
+                msg, msg.Length,
+                context, context.Length,
+                signature, signature.Length);
 
-                return handle;
+            if (ret == 1)
+            {
+                return true;
             }
-
-            [LibraryImport(Libraries.CryptoNative)]
-            private static partial int CryptoNative_MLDsaSignPure(
-                SafeEvpPKeyHandle pkey, IntPtr extraHandle,
-                ReadOnlySpan<byte> msg, int msgLength,
-                ReadOnlySpan<byte> context, int contextLength,
-                Span<byte> destination, int destinationLength);
-
-            public static void MLDsaSignPure(
-                SafeEvpPKeyHandle pkey,
-                ReadOnlySpan<byte> msg,
-                ReadOnlySpan<byte> context,
-                Span<byte> destination)
+            else if (ret == 0)
             {
-                int ret = CryptoNative_MLDsaSignPure(
-                    pkey, pkey.ExtraHandle,
-                    msg, msg.Length,
-                    context, context.Length,
-                    destination, destination.Length);
-
-                if (ret != 1)
-                {
-                    throw Interop.Crypto.CreateOpenSslCryptographicException();
-                }
+                return false;
             }
-
-            [LibraryImport(Libraries.CryptoNative)]
-            private static partial int CryptoNative_MLDsaVerifyPure(
-                SafeEvpPKeyHandle pkey, IntPtr extraHandle,
-                ReadOnlySpan<byte> msg, int msgLength,
-                ReadOnlySpan<byte> context, int contextLength,
-                ReadOnlySpan<byte> signature, int signatureLength);
-
-            public static bool MLDsaVerifyPure(
-                SafeEvpPKeyHandle pkey,
-                ReadOnlySpan<byte> msg,
-                ReadOnlySpan<byte> context,
-                ReadOnlySpan<byte> signature)
+            else
             {
-                int ret = CryptoNative_MLDsaVerifyPure(
-                    pkey, pkey.ExtraHandle,
-                    msg, msg.Length,
-                    context, context.Length,
-                    signature, signature.Length);
-
-                if (ret == 1)
-                {
-                    return true;
-                }
-                else if (ret == 0)
-                {
-                    return false;
-                }
-                else
-                {
-                    throw Interop.Crypto.CreateOpenSslCryptographicException();
-                }
+                throw Interop.Crypto.CreateOpenSslCryptographicException();
             }
+        }
 
-            [LibraryImport(Libraries.CryptoNative)]
-            private static partial int CryptoNative_MLDsaExportSecretKey(SafeEvpPKeyHandle pkey, Span<byte> destination, int destinationLength);
+        [LibraryImport(Libraries.CryptoNative)]
+        private static partial int CryptoNative_MLDsaExportSecretKey(SafeEvpPKeyHandle pkey, Span<byte> destination, int destinationLength);
 
-            [LibraryImport(Libraries.CryptoNative)]
-            private static partial int CryptoNative_MLDsaExportSeed(SafeEvpPKeyHandle pkey, Span<byte> destination, int destinationLength);
+        [LibraryImport(Libraries.CryptoNative)]
+        private static partial int CryptoNative_MLDsaExportSeed(SafeEvpPKeyHandle pkey, Span<byte> destination, int destinationLength);
 
-            [LibraryImport(Libraries.CryptoNative)]
-            private static partial int CryptoNative_MLDsaExportPublicKey(SafeEvpPKeyHandle pkey, Span<byte> destination, int destinationLength);
+        [LibraryImport(Libraries.CryptoNative)]
+        private static partial int CryptoNative_MLDsaExportPublicKey(SafeEvpPKeyHandle pkey, Span<byte> destination, int destinationLength);
 
-            public static void MLDsaExportSecretKey(SafeEvpPKeyHandle key, Span<byte> destination) =>
-                Interop.Crypto.ExportKeyContents(key, destination, CryptoNative_MLDsaExportSecretKey);
+        internal static void MLDsaExportSecretKey(SafeEvpPKeyHandle key, Span<byte> destination) =>
+            Interop.Crypto.ExportKeyContents(key, destination, CryptoNative_MLDsaExportSecretKey);
 
-            public static void MLDsaExportSeed(SafeEvpPKeyHandle key, Span<byte> destination) =>
-                Interop.Crypto.ExportKeyContents(key, destination, CryptoNative_MLDsaExportSeed);
+        internal static void MLDsaExportSeed(SafeEvpPKeyHandle key, Span<byte> destination) =>
+            Interop.Crypto.ExportKeyContents(key, destination, CryptoNative_MLDsaExportSeed);
 
-            public static void MLDsaExportPublicKey(SafeEvpPKeyHandle key, Span<byte> destination) =>
-                Interop.Crypto.ExportKeyContents(key, destination, CryptoNative_MLDsaExportPublicKey);
-        }
+        internal static void MLDsaExportPublicKey(SafeEvpPKeyHandle key, Span<byte> destination) =>
+            Interop.Crypto.ExportKeyContents(key, destination, CryptoNative_MLDsaExportPublicKey);
     }
 }

src/libraries/Common/src/Interop/Unix/System.Security.Cryptography.Native/Interop.EvpPKey.MLDsaAlgs.cs

@@ -0,0 +1,34 @@
+// Licensed to the .NET Foundation under one or more agreements.
+// The .NET Foundation licenses this file to you under the MIT license.
+
+using System;
+using System.Diagnostics;
+using System.Diagnostics.CodeAnalysis;
+using System.Runtime.InteropServices;
+using System.Security.Cryptography;
+using Microsoft.Win32.SafeHandles;
+
+internal static partial class Interop
+{
+    internal static partial class Crypto
+    {
+        internal static partial class EvpPKeyMLDsaAlgs
+        {
+            internal static string? MLDsa44 { get; }
+            internal static string? MLDsa65 { get; }
+            internal static string? MLDsa87 { get; }
+
+            static EvpPKeyMLDsaAlgs()
+            {
+                CryptoInitializer.Initialize();
+
+                // Do not use property initializers for these because we need to ensure CryptoInitializer.Initialize
+                // is called first. Property initializers happen before cctors, so instead set the property after the
+                // initializer is run.
+                MLDsa44 = IsSignatureAlgorithmAvailable(MLDsaAlgorithm.MLDsa44.Name);
+                MLDsa65 = IsSignatureAlgorithmAvailable(MLDsaAlgorithm.MLDsa65.Name);
+                MLDsa87 = IsSignatureAlgorithmAvailable(MLDsaAlgorithm.MLDsa87.Name);
+            }
+        }
+    }
+}