# 34. `example_composite_mldsa_certificate.py` — Composite ML-DSA certificates
[← Example index](index.md) · [`example_composite_mldsa_certificate.py` on Codeberg](https://codeberg.org/abbra/synta/src/branch/main/examples/example_composite_mldsa_certificate.py)
Bindings: `PrivateKey.generate_composite_ml_dsa`, `CertificateBuilder.sign`,
`PrivateKey.to_der`, `PrivateKey.from_der`, `synta.oids` composite ML-DSA constants
(`COMPOSITE_MLDSA_ARC`, `MLDSA44_RSA2048_PSS_SHA256` … `MLDSA87_ECDSA_P521_SHA512`).
Requires the `openssl` + `pqc` Cargo features (OpenSSL 3.3+) or the `nss` feature.
NSS backend limitations: SHAKE256 variants (sub-arc 51) and Brainpool curve variants
(sub-arcs 47, 50) are unsupported.
- Verify all 18 composite ML-DSA OID constants in `synta.oids` (`COMPOSITE_MLDSA_ARC`
prefix, sub-arcs 37–54) against their expected dotted-decimal values.
- Generate a composite ML-DSA private key with
`PrivateKey.generate_composite_ml_dsa(sub_arc)` for each of the 18 variants;
show a `SKIP` line (instead of an assertion error) when the current build does
not support a variant (e.g. Brainpool on NSS).
- Round-trip each generated key through PKCS#8 DER (`to_der()` / `from_der()`);
assert byte equality.
- Build and sign a self-signed X.509 certificate with each composite key using
`CertificateBuilder`; add `BasicConstraints`, `KeyUsage`, and
`SubjectKeyIdentifier` extensions; verify that `certificate.signature_algorithm_oid`
matches `1.3.6.1.5.5.7.6.<sub_arc>`.
- Perform a detailed walk-through of sub-arc 45 (MLDSA65-ECDSA-P256-SHA512):
- Print PKCS#8 DER length and SPKI length.
- Build a self-signed CA certificate with `pathLen=1`.
- Sign a leaf certificate (P-256 key, dNSName SAN) with the composite CA key;
verify the leaf's `signature_algorithm_oid`.
- Confirm the CA certificate DER round-trip via `Certificate.from_der`.