ML-KEM: PKCS#8 Exports

[vcsjones]

This adds PKCS#8 exports to MLKem and MLKemOpenSsl.

Contributes to #113508

[ghost]

Note regarding the new-api-needs-documentation label:

This serves as a reminder for when your PR is modifying a ref *.cs file and adding/modifying public APIs, please make sure the API implementation in the src *.cs file is documented with triple slash comments, so the PR reviewers can sign off that change.

[ghost]

Note regarding the new-api-needs-documentation label:

This serves as a reminder for when your PR is modifying a ref *.cs file and adding/modifying public APIs, please make sure the API implementation in the src *.cs file is documented with triple slash comments, so the PR reviewers can sign off that change.

[Copilot]

Pull Request Overview

This PR adds support for PKCS#8 key exports to MLKem and MLKemOpenSsl by updating the native interop functions, managed API, and test coverage. Key changes include modifications in the native lib functions for extracting key parameters, updates to MLKemOpenSsl and MLKem implementation to propagate seed and decapsulation key information, and new tests for PKCS#8 exporting functionality.

Reviewed Changes

Copilot reviewed 15 out of 16 changed files in this pull request and generated no comments.

Show a summary per file

File	Description
src/native/libs/System.Security.Cryptography.Native/pal_evp_pkey.[ch]	Added a new function to check for an octet string parameter in EVP_PKEY.
src/native/libs/System.Security.Cryptography.Native/pal_evp_kem.[ch]	Updated the KEM functions to report additional key attribute information.
src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/MLKemOpenSsl*.cs	Modified MLKemOpenSsl to consume the additional outputs for seed and decapsulation key.
src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/MLKemImplementation.OpenSsl.cs	Updated key generation and import methods to pass constant attribute values.
src/libraries/System/Security/Cryptography/MLKem.cs and ref/System.Security.Cryptography.cs	Added the TryExportPkcs8PrivateKey API and expanded buffer export logic.
src/libraries/Common/*	Added the MLKemPkcs8 helper and updated tests to cover the new PKCS#8 key export functionality.

Files not reviewed (1)

• src/libraries/System.Security.Cryptography/src/System.Security.Cryptography.csproj: Language not supported

Comments suppressed due to low confidence (2)

src/libraries/Common/src/System/Security/Cryptography/MLKemPkcs8.cs:30

• If both 'hasSeed' and 'hasDecapsulationKey' are true, the current logic prioritizes using the seed for PKCS#8 export. Please document this precedence explicitly to improve clarity for future maintainers.

if (hasSeed)

src/libraries/Common/src/System/Security/Cryptography/MLKem.cs:808

• [nitpick] Consider replacing the magic number with a more descriptive constant name or adding a clarifying comment that explains why 86 bytes is the minimum size required for a PKCS#8 ML-KEM key export.

const int MinimumPossiblePkcs8MLKemKey = 86;

Tip: Copilot code review supports C#, Go, Java, JavaScript, Markdown, Python, Ruby and TypeScript, with more languages coming soon. Learn more

[dotnet-policy-service]

Tagging subscribers to this area: @dotnet/area-system-security, @bartonjs, @vcsjones
See info in area-owners.md if you want to be subscribed.