added public key verification to private parameters where public key is provided.

dghgit · dghgit · commit 47539e2e75a3 · 2024-11-13T16:46:29.000+11:00
diff --git a/core/src/main/java/org/bouncycastle/pqc/crypto/mldsa/MLDSAPrivateKeyParameters.java b/core/src/main/java/org/bouncycastle/pqc/crypto/mldsa/MLDSAPrivateKeyParameters.java
@@ -74,15 +74,16 @@ public MLDSAPrivateKeyParameters(MLDSAParameters params, byte[] encoding, MLDSAP
             delta = eng.getDilithiumK() * MLDSAEngine.DilithiumPolyT0PackedBytes;
             this.t0 = Arrays.copyOfRange(encoding, index, index + delta);
             index += delta;
+            this.t1 = eng.deriveT1(rho, k, tr, s1, s2, t0);
 
             if (pubKey != null)
             {
-                this.t1 = pubKey.getT1();
-            }
-            else
-            {
-                this.t1 = eng.deriveT1(rho, k, tr, s1, s2, t0);
+                if (!Arrays.constantTimeAreEqual(this.t1, pubKey.getT1()))
+                {
+                    throw new IllegalArgumentException("passed in public key does not match private values");
+                }
             }
+
             this.seed = null;
         }
     }

Original file line number	Diff line number	Diff line change
`@@ -74,15 +74,16 @@ public MLDSAPrivateKeyParameters(MLDSAParameters params, byte[] encoding, MLDSAP`
`74`	`74`	`delta = eng.getDilithiumK() * MLDSAEngine.DilithiumPolyT0PackedBytes;`
`75`	`75`	`this.t0 = Arrays.copyOfRange(encoding, index, index + delta);`
`76`	`76`	`index += delta;`
	`77`	`+ this.t1 = eng.deriveT1(rho, k, tr, s1, s2, t0);`
`77`	`78`
`78`	`79`	`if (pubKey != null)`
`79`	`80`	`{`
`80`		`- this.t1 = pubKey.getT1();`
`81`		`- }`
`82`		`- else`
`83`		`- {`
`84`		`- this.t1 = eng.deriveT1(rho, k, tr, s1, s2, t0);`
	`81`	`+ if (!Arrays.constantTimeAreEqual(this.t1, pubKey.getT1()))`
	`82`	`+ {`
	`83`	`+ throw new IllegalArgumentException("passed in public key does not match private values");`
	`84`	`+ }`
`85`	`85`	`}`
	`86`	`+`
`86`	`87`	`this.seed = null;`
`87`	`88`	`}`
`88`	`89`	`}`