bcgit
diff --git a/‎core/src/main/java/org/bouncycastle/pqc/crypto/mldsa/MLDSAPrivateKeyParameters.java‎
Lines changed: 6 additions & 5 deletions b/‎core/src/main/java/org/bouncycastle/pqc/crypto/mldsa/MLDSAPrivateKeyParameters.java‎
Lines changed: 6 additions & 5 deletions
diff --git a/‎pg/src/main/java/org/bouncycastle/bcpg/PublicKeyPacket.java‎
Lines changed: 1 addition & 1 deletion b/‎pg/src/main/java/org/bouncycastle/bcpg/PublicKeyPacket.java‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎pg/src/main/java/org/bouncycastle/bcpg/SignaturePacket.java‎
Lines changed: 2 additions & 11 deletions b/‎pg/src/main/java/org/bouncycastle/bcpg/SignaturePacket.java‎
Lines changed: 2 additions & 11 deletions
diff --git a/‎pg/src/main/java/org/bouncycastle/bcpg/StreamUtil.java‎
Lines changed: 1 addition & 1 deletion b/‎pg/src/main/java/org/bouncycastle/bcpg/StreamUtil.java‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎pg/src/main/java/org/bouncycastle/openpgp/PGPPublicKey.java‎
Lines changed: 20 additions & 3 deletions b/‎pg/src/main/java/org/bouncycastle/openpgp/PGPPublicKey.java‎
Lines changed: 20 additions & 3 deletions
@@ -74,15 +74,16 @@ public MLDSAPrivateKeyParameters(MLDSAParameters params, byte[] encoding, MLDSAP
             delta = eng.getDilithiumK() * MLDSAEngine.DilithiumPolyT0PackedBytes;
             this.t0 = Arrays.copyOfRange(encoding, index, index + delta);
             index += delta;
+            this.t1 = eng.deriveT1(rho, k, tr, s1, s2, t0);
 
             if (pubKey != null)
             {
-                this.t1 = pubKey.getT1();
-            }
-            else
-            {
-                this.t1 = eng.deriveT1(rho, k, tr, s1, s2, t0);
+                if (!Arrays.constantTimeAreEqual(this.t1, pubKey.getT1()))
+                {
+                    throw new IllegalArgumentException("passed in public key does not match private values");
+                }
             }
+
             this.seed = null;
         }
     }
 
@@ -136,7 +136,7 @@ public class PublicKeyPacket
             throw new UnsupportedPacketVersionException("Unsupported Public Key Packet version encountered: " + version);
         }
 
-        time = StreamUtil.read4OctetLength(in);
+        time = StreamUtil.read4OctetLength(in) & 0xFFFFFFFFL;
 
         if (version == 2 || version == VERSION_3)
         {
 
@@ -254,24 +254,15 @@ private void parseSignature(BCPGInputStream in)
                 signature[0] = v;
                 break;
             case DSA:
+            case ELGAMAL_ENCRYPT: // yep, this really does happen sometimes.
+            case ELGAMAL_GENERAL:
                 MPInteger    r = new MPInteger(in);
                 MPInteger    s = new MPInteger(in);
 
                 signature = new MPInteger[2];
                 signature[0] = r;
                 signature[1] = s;
                 break;
-            case ELGAMAL_ENCRYPT: // yep, this really does happen sometimes.
-            case ELGAMAL_GENERAL:
-                MPInteger       p = new MPInteger(in);
-                MPInteger       g = new MPInteger(in);
-                MPInteger       y = new MPInteger(in);
-
-                signature = new MPInteger[3];
-                signature[0] = p;
-                signature[1] = g;
-                signature[2] = y;
-                break;
             case Ed448:
                 signatureEncoding = new byte[org.bouncycastle.math.ec.rfc8032.Ed448.SIGNATURE_SIZE];
                 in.readFully(signatureEncoding);
 
@@ -117,7 +117,7 @@ static void writeTime(BCPGOutputStream pOut, long time)
     static long readTime(BCPGInputStream in)
         throws IOException
     {
-        return (long)read4OctetLength(in) * 1000L;
+        return ((long)read4OctetLength(in) & 0xFFFFFFFFL) * 1000L;
     }
 
     static void write2OctetLength(OutputStream pOut, int len)
 
@@ -10,15 +10,18 @@
 
 import org.bouncycastle.asn1.ASN1ObjectIdentifier;
 import org.bouncycastle.asn1.cryptlib.CryptlibObjectIdentifiers;
+import org.bouncycastle.asn1.edec.EdECObjectIdentifiers;
 import org.bouncycastle.asn1.gnu.GNUObjectIdentifiers;
 import org.bouncycastle.asn1.x9.ECNamedCurveTable;
 import org.bouncycastle.asn1.x9.X9ECParametersHolder;
 import org.bouncycastle.bcpg.BCPGKey;
 import org.bouncycastle.bcpg.BCPGOutputStream;
 import org.bouncycastle.bcpg.DSAPublicBCPGKey;
 import org.bouncycastle.bcpg.ECPublicBCPGKey;
+import org.bouncycastle.bcpg.Ed448PublicBCPGKey;
 import org.bouncycastle.bcpg.ElGamalPublicBCPGKey;
 import org.bouncycastle.bcpg.KeyIdentifier;
+import org.bouncycastle.bcpg.OctetArrayBCPGKey;
 import org.bouncycastle.bcpg.PublicKeyAlgorithmTags;
 import org.bouncycastle.bcpg.PublicKeyPacket;
 import org.bouncycastle.bcpg.PublicSubkeyPacket;
@@ -28,6 +31,7 @@
 import org.bouncycastle.bcpg.UserAttributePacket;
 import org.bouncycastle.bcpg.UserDataPacket;
 import org.bouncycastle.bcpg.UserIDPacket;
+import org.bouncycastle.bcpg.X448PublicBCPGKey;
 import org.bouncycastle.openpgp.operator.KeyFingerPrintCalculator;
 import org.bouncycastle.util.Arrays;
 
@@ -47,7 +51,7 @@ public class PGPPublicKey
     List<List<PGPSignature>> idSigs = new ArrayList<List<PGPSignature>>();
 
     List<PGPSignature> subSigs = null;
-    
+
     private KeyIdentifier keyIdentifier;
     private int keyStrength;
 
@@ -90,6 +94,14 @@ else if (key instanceof ECPublicBCPGKey)
                 {
                     this.keyStrength = 256;
                 }
+                else if (curveOID.equals(EdECObjectIdentifiers.id_X448))
+                {
+                    this.keyStrength = X448PublicBCPGKey.LENGTH * 8;
+                }
+                else if (curveOID.equals(EdECObjectIdentifiers.id_Ed448))
+                {
+                    this.keyStrength = Ed448PublicBCPGKey.LENGTH * 8;
+                }
                 else
                 {
                     X9ECParametersHolder ecParameters = ECNamedCurveTable.getByOIDLazy(curveOID);
@@ -104,6 +116,10 @@ else if (key instanceof ECPublicBCPGKey)
                     }
                 }
             }
+            else if (key instanceof OctetArrayBCPGKey)
+            {
+                this.keyStrength = key.getEncoded().length * 8;
+            }
         }
     }
 
@@ -150,7 +166,7 @@ public PGPPublicKey(PublicKeyPacket publicKeyPacket, KeyFingerPrintCalculator fi
         this.publicPk = key.publicPk;
         this.trustPk = trust;
         this.subSigs = subSigs;
-        
+
         this.keyStrength = key.keyStrength;
         this.keyIdentifier = key.keyIdentifier;
     }
@@ -1216,7 +1232,8 @@ private static void joinPgpSignatureList(List<PGPSignature> source,
             for (int i = 0; isNotNull && i < rlt.size(); i++)
             {
                 PGPSignature existingSubSig = (PGPSignature)rlt.get(i);
-                if (PGPSignature.isSignatureEncodingEqual(existingSubSig, copySubSig))
+                if (existingSubSig.getVersion() == copySubSig.getVersion() &&
+                    PGPSignature.isSignatureEncodingEqual(existingSubSig, copySubSig))
                 {
                     found = true;
                     // join existing sig with copy to apply modifications in unhashed subpackets
Original file line number	Diff line number	Diff line change
`@@ -74,15 +74,16 @@ public MLDSAPrivateKeyParameters(MLDSAParameters params, byte[] encoding, MLDSAP`
`74`	`74`	`delta = eng.getDilithiumK() * MLDSAEngine.DilithiumPolyT0PackedBytes;`
`75`	`75`	`this.t0 = Arrays.copyOfRange(encoding, index, index + delta);`
`76`	`76`	`index += delta;`
	`77`	`+ this.t1 = eng.deriveT1(rho, k, tr, s1, s2, t0);`
`77`	`78`
`78`	`79`	`if (pubKey != null)`
`79`	`80`	`{`
`80`		`- this.t1 = pubKey.getT1();`
`81`		`- }`
`82`		`- else`
`83`		`- {`
`84`		`- this.t1 = eng.deriveT1(rho, k, tr, s1, s2, t0);`
	`81`	`+ if (!Arrays.constantTimeAreEqual(this.t1, pubKey.getT1()))`
	`82`	`+ {`
	`83`	`+ throw new IllegalArgumentException("passed in public key does not match private values");`
	`84`	`+ }`
`85`	`85`	`}`
	`86`	`+`
`86`	`87`	`this.seed = null;`
`87`	`88`	`}`
`88`	`89`	`}`
Original file line number	Diff line number	Diff line change
`@@ -136,7 +136,7 @@ public class PublicKeyPacket`
`136`	`136`	`throw new UnsupportedPacketVersionException("Unsupported Public Key Packet version encountered: " + version);`
`137`	`137`	`}`
`138`	`138`
`139`		`- time = StreamUtil.read4OctetLength(in);`
	`139`	`+ time = StreamUtil.read4OctetLength(in) & 0xFFFFFFFFL;`
`140`	`140`
`141`	`141`	`if (version == 2 \|\| version == VERSION_3)`
`142`	`142`	`{`
Original file line number	Diff line number	Diff line change
`@@ -117,7 +117,7 @@ static void writeTime(BCPGOutputStream pOut, long time)`
`117`	`117`	`static long readTime(BCPGInputStream in)`
`118`	`118`	`throws IOException`
`119`	`119`	`{`
`120`		`- return (long)read4OctetLength(in) * 1000L;`
	`120`	`+ return ((long)read4OctetLength(in) & 0xFFFFFFFFL) * 1000L;`
`121`	`121`	`}`
`122`	`122`
`123`	`123`	`static void write2OctetLength(OutputStream pOut, int len)`