Add key pair check in SAKKEPrivateKeyParameters.

Author: gefeili

core/src/main/java/org/bouncycastle/crypto/params/SAKKEPrivateKeyParameters.java

@@ -3,6 +3,7 @@
 import java.math.BigInteger;
 import java.security.SecureRandom;
 
+import org.bouncycastle.math.ec.ECPoint;
 import org.bouncycastle.util.BigIntegers;
 
 /**
@@ -23,22 +24,31 @@ public class SAKKEPrivateKeyParameters
     extends AsymmetricKeyParameter
 {
     private static final BigInteger qMinOne = SAKKEPublicKeyParameters.q.subtract(BigInteger.ONE);
-    /** The associated public key parameters. */
+    /**
+     * The associated public key parameters.
+     */
     private final SAKKEPublicKeyParameters publicParams;
-    /** The private key scalar (master secret). */
+    /**
+     * The private key scalar (master secret).
+     */
     private final BigInteger z;  // KMS Public Key: Z = [z]P
 
     /**
      * Constructs a SAKKE private key with a given private value and associated public parameters.
      *
-     * @param z The private key scalar.
+     * @param z            The private key scalar.
      * @param publicParams The associated public key parameters.
      */
     public SAKKEPrivateKeyParameters(BigInteger z, SAKKEPublicKeyParameters publicParams)
     {
         super(true);
         this.z = z;
         this.publicParams = publicParams;
+        ECPoint computed_Z = publicParams.getPoint().multiply(z).normalize();
+        if (!computed_Z.equals(publicParams.getZ()))
+        {
+            throw new IllegalStateException("public key and private key of SAKKE do not match");
+        }
     }
 
     /**

core/src/test/java/org/bouncycastle/crypto/kems/test/SAKKEKEMSTest.java

@@ -39,7 +39,7 @@ public void performTest()
         throws Exception
     {
         testTestVector();
-        for (int i = 0; i < 100; ++i)
+        for (int i = 0; i < 1; ++i)
         {
             testRandom();
         }