fixed old dilithium for compatibility.

bcgit · Aug 23, 2024 · c8fe4d7 · c8fe4d7
1 parent cbecef3
commit c8fe4d7
Show file tree

Hide file tree

Showing 3 changed files with 69 additions and 18 deletions.
diff --git a/core/src/main/java/org/bouncycastle/pqc/crypto/util/PrivateKeyFactory.java b/core/src/main/java/org/bouncycastle/pqc/crypto/util/PrivateKeyFactory.java
@@ -33,6 +33,9 @@
 import org.bouncycastle.pqc.crypto.bike.BIKEPrivateKeyParameters;
 import org.bouncycastle.pqc.crypto.cmce.CMCEParameters;
 import org.bouncycastle.pqc.crypto.cmce.CMCEPrivateKeyParameters;
+import org.bouncycastle.pqc.crypto.crystals.dilithium.DilithiumParameters;
+import org.bouncycastle.pqc.crypto.crystals.dilithium.DilithiumPrivateKeyParameters;
+import org.bouncycastle.pqc.crypto.crystals.dilithium.DilithiumPublicKeyParameters;
 import org.bouncycastle.pqc.crypto.falcon.FalconParameters;
 import org.bouncycastle.pqc.crypto.falcon.FalconPrivateKeyParameters;
 import org.bouncycastle.pqc.crypto.frodo.FrodoParameters;
@@ -245,8 +248,8 @@ else if (algOID.on(BCObjectIdentifiers.pqc_kem_ntru))
             return new NTRUPrivateKeyParameters(spParams, keyEnc);
         }
         else if (algOID.equals(NISTObjectIdentifiers.id_alg_ml_kem_512) ||
-                 algOID.equals(NISTObjectIdentifiers.id_alg_ml_kem_768) ||
-                 algOID.equals(NISTObjectIdentifiers.id_alg_ml_kem_1024))
+            algOID.equals(NISTObjectIdentifiers.id_alg_ml_kem_768) ||
+            algOID.equals(NISTObjectIdentifiers.id_alg_ml_kem_1024))
         {
             ASN1OctetString kyberKey = ASN1OctetString.getInstance(keyInfo.parsePrivateKey());
             MLKEMParameters kyberParams = Utils.kyberParamsLookup(algOID);
@@ -319,15 +322,61 @@ else if (algOID.equals(NISTObjectIdentifiers.id_ml_dsa_44)
                         null);
                 }
             }
+            else
+            {
+                throw new IOException("not supported");
+            }
+        }
+        else if (algOID.equals(BCObjectIdentifiers.dilithium2)
+            || algOID.equals(BCObjectIdentifiers.dilithium3) || algOID.equals(BCObjectIdentifiers.dilithium5))
+        {
+            ASN1Encodable keyObj = keyInfo.parsePrivateKey();
+            DilithiumParameters dilParams = Utils.dilithiumParamsLookup(algOID);
+
+            if (keyObj instanceof ASN1Sequence)
+            {
+                ASN1Sequence keyEnc = ASN1Sequence.getInstance(keyObj);
+
+                int version = ASN1Integer.getInstance(keyEnc.getObjectAt(0)).intValueExact();
+                if (version != 0)
+                {
+                    throw new IOException("unknown private key version: " + version);
+                }
+
+                if (keyInfo.getPublicKeyData() != null)
+                {
+                    DilithiumPublicKeyParameters pubParams = PublicKeyFactory.DilithiumConverter.getPublicKeyParams(dilParams, keyInfo.getPublicKeyData());
+
+                    return new DilithiumPrivateKeyParameters(dilParams,
+                        ASN1BitString.getInstance(keyEnc.getObjectAt(1)).getOctets(),
+                        ASN1BitString.getInstance(keyEnc.getObjectAt(2)).getOctets(),
+                        ASN1BitString.getInstance(keyEnc.getObjectAt(3)).getOctets(),
+                        ASN1BitString.getInstance(keyEnc.getObjectAt(4)).getOctets(),
+                        ASN1BitString.getInstance(keyEnc.getObjectAt(5)).getOctets(),
+                        ASN1BitString.getInstance(keyEnc.getObjectAt(6)).getOctets(),
+                        pubParams.getT1()); // encT1
+                }
+                else
+                {
+                    return new DilithiumPrivateKeyParameters(dilParams,
+                        ASN1BitString.getInstance(keyEnc.getObjectAt(1)).getOctets(),
+                        ASN1BitString.getInstance(keyEnc.getObjectAt(2)).getOctets(),
+                        ASN1BitString.getInstance(keyEnc.getObjectAt(3)).getOctets(),
+                        ASN1BitString.getInstance(keyEnc.getObjectAt(4)).getOctets(),
+                        ASN1BitString.getInstance(keyEnc.getObjectAt(5)).getOctets(),
+                        ASN1BitString.getInstance(keyEnc.getObjectAt(6)).getOctets(),
+                        null);
+                }
+            }
             else if (keyObj instanceof DEROctetString)
             {
                 byte[] data = ASN1OctetString.getInstance(keyObj).getOctets();
                 if (keyInfo.getPublicKeyData() != null)
                 {
-                    MLDSAPublicKeyParameters pubParams = PublicKeyFactory.MLDSAConverter.getPublicKeyParams(spParams, keyInfo.getPublicKeyData());
-                    return new MLDSAPrivateKeyParameters(spParams, data, pubParams);
+                    DilithiumPublicKeyParameters pubParams = PublicKeyFactory.DilithiumConverter.getPublicKeyParams(dilParams, keyInfo.getPublicKeyData());
+                    return new DilithiumPrivateKeyParameters(dilParams, data, pubParams);
                 }
-                return new MLDSAPrivateKeyParameters(spParams, data, null);
+                return new DilithiumPrivateKeyParameters(dilParams, data, null);
             }
             else
             {

diff --git a/.../src/main/java/org/bouncycastle/pqc/jcajce/provider/dilithium/DilithiumKeyFactorySpi.java b/.../src/main/java/org/bouncycastle/pqc/jcajce/provider/dilithium/DilithiumKeyFactorySpi.java
@@ -14,7 +14,6 @@
 
 import org.bouncycastle.asn1.ASN1ObjectIdentifier;
 import org.bouncycastle.asn1.bc.BCObjectIdentifiers;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
 import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
 import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
 import org.bouncycastle.pqc.jcajce.provider.util.BaseKeyFactorySpi;
@@ -26,6 +25,9 @@ public class DilithiumKeyFactorySpi
 
     static
     {
+        keyOids.add(BCObjectIdentifiers.dilithium2);
+        keyOids.add(BCObjectIdentifiers.dilithium3);
+        keyOids.add(BCObjectIdentifiers.dilithium5);
         keyOids.add(BCObjectIdentifiers.dilithium2_aes);
         keyOids.add(BCObjectIdentifiers.dilithium3_aes);
         keyOids.add(BCObjectIdentifiers.dilithium5_aes);
@@ -96,7 +98,7 @@ public static class Base2
     {
         public Base2()
         {
-            super(NISTObjectIdentifiers.id_ml_dsa_44);
+            super(BCObjectIdentifiers.dilithium2);
         }
     }
 
@@ -105,7 +107,7 @@ public static class Base3
     {
         public Base3()
         {
-            super(NISTObjectIdentifiers.id_ml_dsa_65);
+            super(BCObjectIdentifiers.dilithium3);
         }
     }
 
@@ -114,7 +116,7 @@ public static class Base5
     {
         public Base5()
         {
-            super(NISTObjectIdentifiers.id_ml_dsa_87);
+            super(BCObjectIdentifiers.dilithium5);
         }
     }
 

diff --git a/...rc/test/java/org/bouncycastle/pqc/jcajce/provider/test/DilithiumKeyPairGeneratorTest.java b/...rc/test/java/org/bouncycastle/pqc/jcajce/provider/test/DilithiumKeyPairGeneratorTest.java
@@ -7,7 +7,7 @@
 import java.security.Security;
 
 import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
+import org.bouncycastle.asn1.bc.BCObjectIdentifiers;
 import org.bouncycastle.jce.provider.BouncyCastleProvider;
 import org.bouncycastle.pqc.jcajce.spec.DilithiumParameterSpec;
 
@@ -36,15 +36,15 @@ public void testKeyPairGeneratorNames()
         throws Exception
     {
         ASN1ObjectIdentifier[] oids = new ASN1ObjectIdentifier[] {
-            NISTObjectIdentifiers.id_ml_dsa_44,
-            NISTObjectIdentifiers.id_ml_dsa_65,
-            NISTObjectIdentifiers.id_ml_dsa_87
+            BCObjectIdentifiers.dilithium2,
+            BCObjectIdentifiers.dilithium3,
+            BCObjectIdentifiers.dilithium5
         };
 
         String[] algs = new String[]{
-            "ML-DSA-44",
-            "ML-DSA-65",
-            "ML-DSA-87"
+            "DILITHIUM2",
+            "DILITHIUM3",
+            "DILITHIUM5"
         };
 
         for (int i = 0; i != oids.length; i++)
@@ -68,9 +68,9 @@ public void testKeyPairEncoding()
                         DilithiumParameterSpec.dilithium3,
                         DilithiumParameterSpec.dilithium5,
                 };
-        kf = KeyFactory.getInstance("Dilithium", "BC");
+        kf = KeyFactory.getInstance("Dilithium", "BCPQC");
 
-        kpg = KeyPairGenerator.getInstance("Dilithium", "BC");
+        kpg = KeyPairGenerator.getInstance("Dilithium", "BCPQC");
 
         for (int i = 0; i != specs.length; i++)
         {