Google Git
Sign in
boringssl/boringssl/4d124cf20d9fdfe8be8a87bd22e8372cf4d013ea^!/.
commit
4d124cf20d9fdfe8be8a87bd22e8372cf4d013ea
[log]
author
Lily Chen <chlily@google.com>
Mon Apr 27 18:30:21 2026 +0000
committer
boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com>
Mon Apr 27 12:21:06 2026 -0700
tree
b62a6bcdf5e79df97ab60eec164029dae7a19df8
parent
0d88d522d05ab9e6a22d8bc5bb8804342e10981c [diff]
Update documentation for ML-KEM

Change-Id: Ia812327af10235de099f5ed2e5dfc6586a6a6964
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/94167
Presubmit-BoringSSL-Verified: boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com <boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Lily Chen <chlily@google.com>
Reviewed-by: Adam Langley <agl@google.com>
Commit-Queue: Adam Langley <agl@google.com>

diff --git a/include/openssl/evp.h b/include/openssl/evp.h
index b156dfa..08d24c3 100644
--- a/include/openssl/evp.h
+++ b/include/openssl/evp.h

@@ -396,6 +396,10 @@
 //   APIs, but instead the |EVP_PKEY_from_private_seed| and
 //   |EVP_PKEY_get_private_seed| APIs.
 //
+// - ML-KEM, using the formats in FIPS 203. The private key representation
+//   supported by BoringSSL is the 64-byte "seed" resulting from the
+//   concatenation of d||z, as each is defined in FIPS 203.
+//
 // These formats are suitable if serializing a key in a context where the
 // algorithm is already known and there is no need to encode it.
 

diff --git a/include/openssl/mlkem.h b/include/openssl/mlkem.h
index 56edc16..65b4e90 100644
--- a/include/openssl/mlkem.h
+++ b/include/openssl/mlkem.h

@@ -25,7 +25,7 @@
 // ML-KEM-768.
 //
 // This implements the Module-Lattice-Based Key-Encapsulation Mechanism from
-// https://csrc.nist.gov/pubs/fips/204/final
+// https://csrc.nist.gov/pubs/fips/203/final
 
 
 // MLKEM768_public_key contains an ML-KEM-768 public key. The contents of this