Skip to content

Commit 45c7e85

Browse files
author
gefeili
committed
Merge branch 'main' into 1912-openpgp-operator-fix
2 parents eb34aa9 + 4580acc commit 45c7e85

File tree

3 files changed

+47
-16
lines changed

3 files changed

+47
-16
lines changed

core/src/main/java/org/bouncycastle/pqc/crypto/lms/HSSPrivateKeyParameters.java

Lines changed: 10 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -121,7 +121,16 @@ else if (src instanceof byte[])
121121
try // 1.5 / 1.6 compatibility
122122
{
123123
in = new DataInputStream(new ByteArrayInputStream((byte[])src));
124-
return getInstance(in);
124+
try
125+
{
126+
return getInstance(in);
127+
}
128+
catch (Exception e)
129+
{
130+
// old style single LMS key.
131+
LMSPrivateKeyParameters lmsKey = LMSPrivateKeyParameters.getInstance(src);
132+
return new HSSPrivateKeyParameters(lmsKey, lmsKey.getIndex(), lmsKey.getIndex() + lmsKey.getUsagesRemaining());
133+
}
125134
}
126135
finally
127136
{

core/src/main/java/org/bouncycastle/pqc/math/ntru/Polynomial.java

Lines changed: 20 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -147,28 +147,33 @@ public byte[] s3ToBytes(int messageSize)
147147

148148
public void s3ToBytes(byte[] msg, int msgOff)
149149
{
150-
byte c;
150+
int degree = params.packDegree(), limit = degree - 5;
151151

152-
for (int i = 0; i < params.packDegree() / 5; i++)
152+
int i = 0;
153+
while (i <= limit)
153154
{
154-
c = (byte)(this.coeffs[5 * i + 4] & 255);
155-
c = (byte)(3 * c + this.coeffs[5 * i + 3] & 255);
156-
c = (byte)(3 * c + this.coeffs[5 * i + 2] & 255);
157-
c = (byte)(3 * c + this.coeffs[5 * i + 1] & 255);
158-
c = (byte)(3 * c + this.coeffs[5 * i + 0] & 255);
159-
msg[i + msgOff] = c;
155+
int c0 = (coeffs[i + 0] & 0xFF);
156+
int c1 = (coeffs[i + 1] & 0xFF) * 3;
157+
int c2 = (coeffs[i + 2] & 0xFF) * 9;
158+
int c3 = (coeffs[i + 3] & 0xFF) * 27;
159+
int c4 = (coeffs[i + 4] & 0xFF) * 81;
160+
161+
msg[msgOff++] = (byte)(c0 + c1 + c2 + c3 + c4);
162+
i += 5;
160163
}
161164

162-
// if 5 does not divide NTRU_N-1
163-
if (params.packDegree() > (params.packDegree() / 5) * 5)
165+
if (i < degree)
164166
{
165-
int i = params.packDegree() / 5;
166-
c = 0;
167-
for (int j = params.packDegree() - (5 * i) - 1; j >= 0; j--)
167+
int j = degree - 1;
168+
int c = coeffs[j] & 0xFF;
169+
170+
while (--j >= i)
168171
{
169-
c = (byte)(3 * c + this.coeffs[5 * i + j] & 255);
172+
c *= 3;
173+
c += coeffs[j] & 0xFF;
170174
}
171-
msg[i + msgOff] = c;
175+
176+
msg[msgOff++] = (byte)c;
172177
}
173178
}
174179

prov/src/test/java/org/bouncycastle/pqc/jcajce/provider/test/LMSTest.java

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -34,6 +34,9 @@ public class LMSTest
3434
private static final byte[] nestedPublicKey = Base64.decode("MFAwDQYLKoZIhvcNAQkQAxEDPwAEPAAAAAEAAAAFAAAAAa3sRFhG3xQtT/xfuJJswgV80jvx/sFlYxteNrZ0hheITiUL/bJ8wJpphIpoSB/E9g==");
3535
private static final byte[] nestedPrivateKey = Base64.decode("MIG6AgEBMA0GCyqGSIb3DQEJEAMRBGcEZQAAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAUAAAABrexEWEbfFC1P/F+4kmzCBQAAAAAAAAAgAAAAIO01yI+Hj7eX+P2clcPDW0SzllJ4uzQt1JenbcllHpQngT0AAAAAAQAAAAUAAAABrexEWEbfFC1P/F+4kmzCBXzSO/H+wWVjG142tnSGF4hOJQv9snzAmmmEimhIH8T2");
3636

37+
private static byte[] lmsPublicEnc = Base64.decode("MFAwDQYLKoZIhvcNAQkQAxEDPwAEPAAAAAEAAAAFAAAAAXjGRFXZMjGgOKA/sHWwYWNl6eTf5nI+RcEvlnIKQHQXpxNDreZCkeFm6x9CBN4YlA==");
38+
private static byte[] lmsPrivateEnc = Base64.decode("MIGhAgEBMA0GCyqGSIb3DQEJEAMRBE4ETAAAAAEAAAAAAAAABQAAAAF4xkRV2TIxoDigP7B1sGFjAAAAAAAAACAAAAAghIRA7xa5TChn4+0KIh1LvGLp14alEkmcz3m3v7kTiBeBPQAAAAABAAAABQAAAAF4xkRV2TIxoDigP7B1sGFjZenk3+ZyPkXBL5ZyCkB0F6cTQ63mQpHhZusfQgTeGJQ=");
39+
3740
public void setUp()
3841
{
3942
if (Security.getProvider(BouncyCastleProvider.PROVIDER_NAME) == null)
@@ -42,6 +45,20 @@ public void setUp()
4245
}
4346
}
4447

48+
public void testLmsOldKeyEncoding()
49+
throws Exception
50+
{
51+
PKCS8EncodedKeySpec lmsPrivateKeySpec = new PKCS8EncodedKeySpec(lmsPrivateEnc);
52+
X509EncodedKeySpec lmsPublicKeySpec = new X509EncodedKeySpec(lmsPublicEnc);
53+
54+
KeyFactory kFact = KeyFactory.getInstance("LMS", "BC");
55+
56+
PrivateKey lmsPrivateKey = kFact.generatePrivate(lmsPrivateKeySpec);
57+
PublicKey lmsPublicKey = kFact.generatePublic(lmsPublicKeySpec);
58+
59+
trySigning(new KeyPair(lmsPublicKey, lmsPrivateKey));
60+
}
61+
4562
public void testKeyPairGenerators()
4663
throws Exception
4764
{

0 commit comments

Comments
 (0)