Lumoin
diff --git a/‎Directory.Packages.props‎
Lines changed: 1 addition & 1 deletion b/‎Directory.Packages.props‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎NuGet.config‎
Lines changed: 1 addition & 1 deletion b/‎NuGet.config‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Verifiable.BouncyCastle/BouncyCastleCryptographicFunctions.cs‎
Lines changed: 248 additions & 26 deletions b/‎src/Verifiable.BouncyCastle/BouncyCastleCryptographicFunctions.cs‎
Lines changed: 248 additions & 26 deletions
diff --git a/‎src/Verifiable.BouncyCastle/BouncyCastleKeyMaterialCreator.cs‎
Lines changed: 134 additions & 0 deletions b/‎src/Verifiable.BouncyCastle/BouncyCastleKeyMaterialCreator.cs‎
Lines changed: 134 additions & 0 deletions
diff --git a/‎src/Verifiable.BouncyCastle/Verifiable.BouncyCastle.csproj‎
Lines changed: 1 addition & 1 deletion b/‎src/Verifiable.BouncyCastle/Verifiable.BouncyCastle.csproj‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎src/Verifiable.BouncyCastle/packages.lock.json‎
Lines changed: 6 additions & 6 deletions b/‎src/Verifiable.BouncyCastle/packages.lock.json‎
Lines changed: 6 additions & 6 deletions
diff --git a/‎src/Verifiable.Cbor/Sd/SdCwtPipeline.cs‎
Lines changed: 3 additions & 1 deletion b/‎src/Verifiable.Cbor/Sd/SdCwtPipeline.cs‎
Lines changed: 3 additions & 1 deletion
diff --git a/‎src/Verifiable.Core/Model/Credentials/CredentialCoseExtensions.cs‎
Lines changed: 3 additions & 1 deletion b/‎src/Verifiable.Core/Model/Credentials/CredentialCoseExtensions.cs‎
Lines changed: 3 additions & 1 deletion
diff --git a/‎src/Verifiable.Core/Model/Credentials/CredentialJwsExtensions.cs‎
Lines changed: 9 additions & 3 deletions b/‎src/Verifiable.Core/Model/Credentials/CredentialJwsExtensions.cs‎
Lines changed: 9 additions & 3 deletions
@@ -15,7 +15,7 @@
     <PackageVersion Include="Microsoft.Sbom.Targets" Version="4.1.5" />
     <PackageVersion Include="ModelContextProtocol" Version="0.5.0-preview.1" />
     <PackageVersion Include="NSec.Cryptography" Version="25.4.0" />
-    <PackageVersion Include="Portable.BouncyCastle" Version="1.9.0" />
+    <PackageVersion Include="BouncyCastle.Cryptography" Version="2.6.2" />
     <PackageVersion Include="SIL.ReleaseTasks" Version="3.2.0" />
     <PackageVersion Include="System.Collections.Immutable" Version="10.0.1" />
     <PackageVersion Include="System.Formats.Cbor" Version="10.0.3" />
 
@@ -20,7 +20,7 @@
       <certificate fingerprint="5a2901d6ada3d18260b9c6dfe2133c95d74b9eef6ae0e5dc334c8454d1477df4" hashAlgorithm="SHA256" allowUntrustedRoot="false" />
       <certificate fingerprint="0E5F38F57DC1BCC806D8494F4F90FBCEDD988B46760709CBEEC6F4219AA6157D" hashAlgorithm="SHA256" allowUntrustedRoot="false" />
       <certificate fingerprint="1F4B311D9ACC115C8DC8018B5A49E00FCE6DA8E2855F9F014CA6F34570BC482D" hashAlgorithm="SHA256" allowUntrustedRoot="false" />
-      <owners>ModelContextProtocol;ModelContextProtocolOfficial;rsuter;patrik;wtfsck;alirezanet;danielpalme;stryker-mutator;MarkZither;AnthonyLloyd;pshkarin;Microsoft;9ee1;commandlineparser;DotLiquid;roastedamoeba;NightOwl888;FlorianRappl;wtfsck;zzzprojects;SharpDevelop;jedisct1;xoofx;ApacheLuceneNet;Microsoft;dotnetfoundation;albi05;jd.cain.jr;joelhulen;aarnott;AndreyAkinshin;dotnetrdf;kurt;codito;kurtmkurtm;nsec;clairernovotny;Metalnem;sil-lsdev;sedatk;spectresystems;winsharpfuzz;</owners>
+      <owners>LegionOfTheBouncyCastle;ModelContextProtocol;ModelContextProtocolOfficial;rsuter;patrik;wtfsck;alirezanet;danielpalme;stryker-mutator;MarkZither;AnthonyLloyd;pshkarin;Microsoft;9ee1;commandlineparser;DotLiquid;roastedamoeba;NightOwl888;FlorianRappl;wtfsck;zzzprojects;SharpDevelop;jedisct1;xoofx;ApacheLuceneNet;Microsoft;dotnetfoundation;albi05;jd.cain.jr;joelhulen;aarnott;AndreyAkinshin;dotnetrdf;kurt;codito;kurtmkurtm;nsec;Metalnem;sil-lsdev;sedatk;spectresystems;winsharpfuzz;</owners>
     </repository>
   </trustedSigners>
 </configuration>
@@ -93,6 +93,84 @@ public static PublicPrivateKeyMaterial<PublicKeyMemory, PrivateKeyMemory> Create
         }
 
 
+        /// <summary>
+        /// Creates ML-DSA-44 key material (NIST FIPS 204, security level 2).
+        /// Public key: 1312 bytes. Private key: 2560 bytes (seed-expanded).
+        /// </summary>
+        /// <param name="memoryPool">The memory pool to allocate key buffers from.</param>
+        /// <returns>A new key pair. The caller must dispose each key individually.</returns>
+        public static PublicPrivateKeyMaterial<PublicKeyMemory, PrivateKeyMemory> CreateMlDsa44Keys(MemoryPool<byte> memoryPool)
+        {
+            ArgumentNullException.ThrowIfNull(memoryPool);
+            return CreateMlDsaKeys(MLDsaParameters.ml_dsa_44, memoryPool, CryptoTags.MlDsa44PublicKey, CryptoTags.MlDsa44PrivateKey);
+        }
+
+
+        /// <summary>
+        /// Creates ML-DSA-65 key material (NIST FIPS 204, security level 3).
+        /// Public key: 1952 bytes. Private key: 4032 bytes (seed-expanded).
+        /// </summary>
+        /// <param name="memoryPool">The memory pool to allocate key buffers from.</param>
+        /// <returns>A new key pair. The caller must dispose each key individually.</returns>
+        public static PublicPrivateKeyMaterial<PublicKeyMemory, PrivateKeyMemory> CreateMlDsa65Keys(MemoryPool<byte> memoryPool)
+        {
+            ArgumentNullException.ThrowIfNull(memoryPool);
+            return CreateMlDsaKeys(MLDsaParameters.ml_dsa_65, memoryPool, CryptoTags.MlDsa65PublicKey, CryptoTags.MlDsa65PrivateKey);
+        }
+
+
+        /// <summary>
+        /// Creates ML-DSA-87 key material (NIST FIPS 204, security level 5).
+        /// Public key: 2592 bytes. Private key: 4896 bytes (seed-expanded).
+        /// </summary>
+        /// <param name="memoryPool">The memory pool to allocate key buffers from.</param>
+        /// <returns>A new key pair. The caller must dispose each key individually.</returns>
+        public static PublicPrivateKeyMaterial<PublicKeyMemory, PrivateKeyMemory> CreateMlDsa87Keys(MemoryPool<byte> memoryPool)
+        {
+            ArgumentNullException.ThrowIfNull(memoryPool);
+            return CreateMlDsaKeys(MLDsaParameters.ml_dsa_87, memoryPool, CryptoTags.MlDsa87PublicKey, CryptoTags.MlDsa87PrivateKey);
+        }
+
+
+        /// <summary>
+        /// Creates ML-KEM-512 key material (NIST FIPS 203, security level 1).
+        /// Public key: 800 bytes. Ciphertext: 768 bytes. Shared secret: 32 bytes.
+        /// </summary>
+        /// <param name="memoryPool">The memory pool to allocate key buffers from.</param>
+        /// <returns>A new key pair. The caller must dispose each key individually.</returns>
+        public static PublicPrivateKeyMaterial<PublicKeyMemory, PrivateKeyMemory> CreateMlKem512Keys(MemoryPool<byte> memoryPool)
+        {
+            ArgumentNullException.ThrowIfNull(memoryPool);
+            return CreateMlKemKeys(MLKemParameters.ml_kem_512, memoryPool, CryptoTags.MlKem512PublicKey, CryptoTags.MlKem512PrivateKey);
+        }
+
+
+        /// <summary>
+        /// Creates ML-KEM-768 key material (NIST FIPS 203, security level 3).
+        /// Public key: 1184 bytes. Ciphertext: 1088 bytes. Shared secret: 32 bytes.
+        /// </summary>
+        /// <param name="memoryPool">The memory pool to allocate key buffers from.</param>
+        /// <returns>A new key pair. The caller must dispose each key individually.</returns>
+        public static PublicPrivateKeyMaterial<PublicKeyMemory, PrivateKeyMemory> CreateMlKem768Keys(MemoryPool<byte> memoryPool)
+        {
+            ArgumentNullException.ThrowIfNull(memoryPool);
+            return CreateMlKemKeys(MLKemParameters.ml_kem_768, memoryPool, CryptoTags.MlKem768PublicKey, CryptoTags.MlKem768PrivateKey);
+        }
+
+
+        /// <summary>
+        /// Creates ML-KEM-1024 key material (NIST FIPS 203, security level 5).
+        /// Public key: 1568 bytes. Ciphertext: 1568 bytes. Shared secret: 32 bytes.
+        /// </summary>
+        /// <param name="memoryPool">The memory pool to allocate key buffers from.</param>
+        /// <returns>A new key pair. The caller must dispose each key individually.</returns>
+        public static PublicPrivateKeyMaterial<PublicKeyMemory, PrivateKeyMemory> CreateMlKem1024Keys(MemoryPool<byte> memoryPool)
+        {
+            ArgumentNullException.ThrowIfNull(memoryPool);
+            return CreateMlKemKeys(MLKemParameters.ml_kem_1024, memoryPool, CryptoTags.MlKem1024PublicKey, CryptoTags.MlKem1024PrivateKey);
+        }
+
+
         private static PublicPrivateKeyMaterial<PublicKeyMemory, PrivateKeyMemory> CreateEcKeys(
             string secCurveName,
             Tag publicKeyTag,
@@ -188,6 +266,62 @@ private static PublicPrivateKeyMaterial<PublicKeyMemory, PrivateKeyMemory> Creat
         }
 
 
+        /// <summary>
+        /// Creates ML-DSA key material for the given parameter set. The keys are serialized
+        /// as raw encoded bytes via <c>GetEncoded()</c>.
+        /// </summary>
+        private static PublicPrivateKeyMaterial<PublicKeyMemory, PrivateKeyMemory> CreateMlDsaKeys(
+            MLDsaParameters parameters,
+            MemoryPool<byte> memoryPool,
+            Tag publicKeyTag,
+            Tag privateKeyTag)
+        {
+            var keyGenParameters = new MLDsaKeyGenerationParameters(random, parameters);
+            var keyPairGen = new MLDsaKeyPairGenerator();
+            keyPairGen.Init(keyGenParameters);
+
+            AsymmetricCipherKeyPair keyPair = keyPairGen.GenerateKeyPair();
+            byte[] publicKeyBytes = ((MLDsaPublicKeyParameters)keyPair.Public).GetEncoded();
+            byte[] privateKeyBytes = ((MLDsaPrivateKeyParameters)keyPair.Private).GetEncoded();
+
+            var publicKeyMemory = new PublicKeyMemory(AsPooledMemory(publicKeyBytes, memoryPool), publicKeyTag);
+            var privateKeyMemory = new PrivateKeyMemory(AsPooledMemory(privateKeyBytes, memoryPool), privateKeyTag);
+
+            Array.Clear(publicKeyBytes, 0, publicKeyBytes.Length);
+            Array.Clear(privateKeyBytes, 0, privateKeyBytes.Length);
+
+            return new PublicPrivateKeyMaterial<PublicKeyMemory, PrivateKeyMemory>(publicKeyMemory, privateKeyMemory);
+        }
+
+
+        /// <summary>
+        /// Creates ML-KEM key material for the given parameter set. The keys are serialized
+        /// as raw encoded bytes via <c>GetEncoded()</c>.
+        /// </summary>
+        private static PublicPrivateKeyMaterial<PublicKeyMemory, PrivateKeyMemory> CreateMlKemKeys(
+            MLKemParameters parameters,
+            MemoryPool<byte> memoryPool,
+            Tag publicKeyTag,
+            Tag privateKeyTag)
+        {
+            var keyGenParameters = new MLKemKeyGenerationParameters(random, parameters);
+            var keyPairGen = new MLKemKeyPairGenerator();
+            keyPairGen.Init(keyGenParameters);
+
+            AsymmetricCipherKeyPair keyPair = keyPairGen.GenerateKeyPair();
+            byte[] publicKeyBytes = ((MLKemPublicKeyParameters)keyPair.Public).GetEncoded();
+            byte[] privateKeyBytes = ((MLKemPrivateKeyParameters)keyPair.Private).GetEncoded();
+
+            var publicKeyMemory = new PublicKeyMemory(AsPooledMemory(publicKeyBytes, memoryPool), publicKeyTag);
+            var privateKeyMemory = new PrivateKeyMemory(AsPooledMemory(privateKeyBytes, memoryPool), privateKeyTag);
+
+            Array.Clear(publicKeyBytes, 0, publicKeyBytes.Length);
+            Array.Clear(privateKeyBytes, 0, privateKeyBytes.Length);
+
+            return new PublicPrivateKeyMaterial<PublicKeyMemory, PrivateKeyMemory>(publicKeyMemory, privateKeyMemory);
+        }
+
+
         private static IMemoryOwner<byte> AsPooledMemory(byte[] keyBytes, MemoryPool<byte> memoryPool)
         {
             ArgumentNullException.ThrowIfNull(keyBytes);
 
@@ -8,7 +8,7 @@
   </PropertyGroup>
 
   <ItemGroup>    
-    <PackageReference Include="Portable.BouncyCastle" />
+    <PackageReference Include="BouncyCastle.Cryptography" />
   </ItemGroup>
 
   <ItemGroup>
 
@@ -2,6 +2,12 @@
   "version": 2,
   "dependencies": {
     "net10.0": {
+      "BouncyCastle.Cryptography": {
+        "type": "Direct",
+        "requested": "[2.6.2, )",
+        "resolved": "2.6.2",
+        "contentHash": "7oWOcvnntmMKNzDLsdxAYqApt+AjpRpP2CShjMfIa3umZ42UQMvH0tl1qAliYPNYO6vTdcGMqnRrCPmsfzTI1w=="
+      },
       "Microsoft.CodeAnalysis.BannedApiAnalyzers": {
         "type": "Direct",
         "requested": "[3.12.0-beta1.25218.8, )",
@@ -14,12 +20,6 @@
         "resolved": "4.1.5",
         "contentHash": "i5z+cNu/cOcdO0AgFB8aXk8w6In2H+haaDfSgd9ImvQIK+rSHavHZIogVoAZLL8jLwYx4bAcs5b7EyuMMG4mQQ=="
       },
-      "Portable.BouncyCastle": {
-        "type": "Direct",
-        "requested": "[1.9.0, )",
-        "resolved": "1.9.0",
-        "contentHash": "eZZBCABzVOek+id9Xy04HhmgykF0wZg9wpByzrWN7q8qEI0Qen9b7tfd7w8VA3dOeesumMG7C5ZPy0jk7PSRHw=="
-      },
       "SIL.ReleaseTasks": {
         "type": "Direct",
         "requested": "[3.2.0, )",
 
@@ -71,7 +71,9 @@ internal static async ValueTask<ReadOnlyMemory<byte>> Sign(
         Signature signature = await signingDelegate(
             privateKey.AsReadOnlyMemory(),
             sigStructure,
-            memoryPool).ConfigureAwait(false);
+            memoryPool,
+            context: null,
+            cancellationToken: cancellationToken).ConfigureAwait(false);
 
         //Serialize COSE_Sign1 = #6.18([protected, unprotected, payload, signature]).
         byte[] coseSign1 = SerializeCoseSign1(
 
@@ -149,7 +149,9 @@ public static async ValueTask<CoseCredentialVerificationResult> VerifyCoseAsync(
         bool isValid = await verificationDelegate(
             toBeSigned,
             message.Signature,
-            publicKey.AsReadOnlyMemory()).ConfigureAwait(false);
+            publicKey.AsReadOnlyMemory(),
+            context: null,
+            cancellationToken: cancellationToken).ConfigureAwait(false);
 
         if(!isValid)
         {
 
@@ -122,7 +122,9 @@ public static async ValueTask<JwsMessage> SignJwsAsync(
         Signature signature = await signingDelegate(
             privateKey.AsReadOnlyMemory(),
             signingInputMemory,
-            memoryPool).ConfigureAwait(false);
+            memoryPool,
+            context: null,
+            cancellationToken: cancellationToken).ConfigureAwait(false);
 
         var signatureComponent = new JwsSignatureComponent(
             headerSegment,
@@ -195,7 +197,9 @@ public static async ValueTask<JwsCredentialVerificationResult> VerifyJwsAsync(
         bool isValid = await verificationDelegate(
             verifyInputMemory,
             signatureBytesOwner.Memory,
-            publicKey.AsReadOnlyMemory()).ConfigureAwait(false);
+            publicKey.AsReadOnlyMemory(),
+            context: null,
+            cancellationToken: cancellationToken).ConfigureAwait(false);
 
         return new JwsCredentialVerificationResult(isValid, header, credential);
     }
@@ -255,7 +259,9 @@ public static async ValueTask<JwsCredentialVerificationResult> VerifyJwsAsync(
         bool isValid = await verificationDelegate(
             verifyInputMemory,
             signature.Signature.AsReadOnlyMemory(),
-            publicKey.AsReadOnlyMemory()).ConfigureAwait(false);
+            publicKey.AsReadOnlyMemory(),
+            context: null,
+            cancellationToken: cancellationToken).ConfigureAwait(false);
 
         VerifiableCredential credential = credentialDeserializer(message.Payload.Span);
         var header = new Dictionary<string, object>(signature.ProtectedHeader);