updated composite key private key format.

Author: dghgit

pkix/src/test/java/org/bouncycastle/openssl/test/CompositeKeyTest.java

@@ -451,6 +451,82 @@ public void testRSAAndECCompositeSignedDataGen()
         //doOutput("/tmp/comp_cms_1.pem", sWrt.toString());
     }
 
+    public void testMLDSA44andP256()
+        throws Exception
+    {
+        //
+        // set up the keys
+        //
+        KeyPairGenerator ecKpg = KeyPairGenerator.getInstance("EC", "BC");
+
+        ecKpg.initialize(new ECNamedCurveGenParameterSpec("P-256"));
+
+        KeyPair ecKp = ecKpg.generateKeyPair();
+
+        PrivateKey ecPriv = ecKp.getPrivate();
+        PublicKey ecPub = ecKp.getPublic();
+
+        KeyPairGenerator rmldsaKpg = KeyPairGenerator.getInstance("ML-DSA-44", "BC");
+
+        KeyPair mldsaKp = rmldsaKpg.generateKeyPair();
+
+        PrivateKey mldsaPriv = mldsaKp.getPrivate();
+        PublicKey mldsaPub = mldsaKp.getPublic();
+
+        CompositePrivateKey mlecPriv = new CompositePrivateKey(mldsaPriv, ecPriv);
+
+//        JcaPEMWriter pWrt = new JcaPEMWriter(new FileWriter("/tmp/mldsa44_ec_p256_priv.pem"));
+//
+//        pWrt.writeObject(mlecPriv);
+//
+//        pWrt.close();
+//
+//        CompositePublicKey mlecPub = new CompositePublicKey(mldsaPub, ecPub);
+//
+//        pWrt = new JcaPEMWriter(new FileWriter("/tmp/mldsa44_ec_p256_pub.pem"));
+//
+//        pWrt.writeObject(mlecPub);
+//
+//        pWrt.close();
+    }
+
+    public void testMLDSA87andEd448()
+        throws Exception
+    {
+        //
+        // set up the keys
+        //
+        KeyPairGenerator ecKpg = KeyPairGenerator.getInstance("ED448", "BC");
+
+        KeyPair ecKp = ecKpg.generateKeyPair();
+
+        PrivateKey ecPriv = ecKp.getPrivate();
+        PublicKey ecPub = ecKp.getPublic();
+
+        KeyPairGenerator rmldsaKpg = KeyPairGenerator.getInstance("ML-DSA-87", "BC");
+
+        KeyPair mldsaKp = rmldsaKpg.generateKeyPair();
+
+        PrivateKey mldsaPriv = mldsaKp.getPrivate();
+        PublicKey mldsaPub = mldsaKp.getPublic();
+
+        CompositePrivateKey mlecPriv = new CompositePrivateKey(mldsaPriv, ecPriv);
+
+//        JcaPEMWriter pWrt = new JcaPEMWriter(new FileWriter("/tmp/mldsa87_ed448_priv.pem"));
+//
+//        pWrt.writeObject(mlecPriv);
+//
+//        pWrt.close();
+//
+//        CompositePublicKey mlecPub = new CompositePublicKey(mldsaPub, ecPub);
+//
+//        pWrt = new JcaPEMWriter(new FileWriter("/tmp/mldsa87_ed448_pub.pem"));
+//
+//        pWrt.writeObject(mlecPub);
+//
+//        pWrt.close();
+    }
+
     private static void doOutput(String fileName, String contents)
         throws IOException
     {

prov/src/main/java/org/bouncycastle/jcajce/CompositePrivateKey.java

@@ -134,7 +134,14 @@ public byte[] getEncoded()
 
         for (int i = 0; i < keys.size(); i++)
         {
-            v.add(PrivateKeyInfo.getInstance(keys.get(i).getEncoded()));
+            ASN1EncodableVector kV = new ASN1EncodableVector();
+
+            PrivateKeyInfo info = PrivateKeyInfo.getInstance(keys.get(i).getEncoded());
+
+            kV.add(info.getPrivateKeyAlgorithm());
+            kV.add(info.getPrivateKey());
+
+            v.add(new DERSequence(kV));
         }
 
         try

prov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/COMPOSITE.java

@@ -8,7 +8,9 @@
 import java.util.HashMap;
 import java.util.Map;
 
+import org.bouncycastle.asn1.ASN1EncodableVector;
 import org.bouncycastle.asn1.ASN1Sequence;
+import org.bouncycastle.asn1.DERSequence;
 import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
 import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
 import org.bouncycastle.internal.asn1.misc.MiscObjectIdentifiers;
@@ -89,10 +91,28 @@ public PrivateKey generatePrivate(PrivateKeyInfo keyInfo)
 
             for (int i = 0; i != keySeq.size(); i++)
             {
-                PrivateKeyInfo privInfo = PrivateKeyInfo.getInstance(keySeq.getObjectAt(i));
+                ASN1Sequence kSeq = ASN1Sequence.getInstance(keySeq.getObjectAt(i));
 
-                privKeys[i] = provider.getKeyInfoConverter(
-                    privInfo.getPrivateKeyAlgorithm().getAlgorithm()).generatePrivate(privInfo);
+                if (kSeq.size() == 2)
+                {
+                    ASN1EncodableVector v = new ASN1EncodableVector(2);
+
+                    v.add(keyInfo.getVersion());
+                    v.add(kSeq.getObjectAt(0));
+                    v.add(kSeq.getObjectAt(1));
+
+                    PrivateKeyInfo privInfo = PrivateKeyInfo.getInstance(new DERSequence(v));
+
+                    privKeys[i] = provider.getKeyInfoConverter(
+                                               privInfo.getPrivateKeyAlgorithm().getAlgorithm()).generatePrivate(privInfo);
+                }
+                else
+                {
+                    PrivateKeyInfo privInfo = PrivateKeyInfo.getInstance(kSeq);
+
+                    privKeys[i] = provider.getKeyInfoConverter(
+                            privInfo.getPrivateKeyAlgorithm().getAlgorithm()).generatePrivate(privInfo);
+                }
             }
 
             return new CompositePrivateKey(privKeys);

prov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/compositesignatures/KeyFactorySpi.java

@@ -16,6 +16,7 @@
 import java.util.List;
 
 import org.bouncycastle.asn1.ASN1BitString;
+import org.bouncycastle.asn1.ASN1EncodableVector;
 import org.bouncycastle.asn1.ASN1ObjectIdentifier;
 import org.bouncycastle.asn1.ASN1Sequence;
 import org.bouncycastle.asn1.DERBitString;
@@ -100,10 +101,28 @@ public PrivateKey generatePrivate(PrivateKeyInfo keyInfo)
             PrivateKey[] privateKeys = new PrivateKey[seq.size()];
             for (int i = 0; i < seq.size(); i++)
             {
-                // We assume each component is of type OneAsymmetricKey (PrivateKeyInfo) as defined by the draft RFC
-                // and use the component key factory to decode the component key from PrivateKeyInfo.
-                PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(PrivateKeyInfo.getInstance(seq.getObjectAt(i)).getEncoded());
-                privateKeys[i] = factories.get(i).generatePrivate(keySpec);
+                ASN1Sequence keySeq = ASN1Sequence.getInstance(seq.getObjectAt(i));
+
+                // new format
+                if (keySeq.size() == 2)
+                {
+                    ASN1EncodableVector v = new ASN1EncodableVector(2);
+
+                    v.add(keyInfo.getVersion());
+                    v.add(keySeq.getObjectAt(0));
+                    v.add(keySeq.getObjectAt(1));
+
+                    PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(
+                        PrivateKeyInfo.getInstance(new DERSequence(v)).getEncoded());
+                    privateKeys[i] = factories.get(i).generatePrivate(keySpec);
+                }
+                else // old format
+                {
+                    // We assume each component is of type OneAsymmetricKey (PrivateKeyInfo) as defined by the draft RFC
+                    // and use the component key factory to decode the component key from PrivateKeyInfo.
+                    PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(PrivateKeyInfo.getInstance(keySeq).getEncoded());
+                    privateKeys[i] = factories.get(i).generatePrivate(keySpec);
+                }
             }
             return new CompositePrivateKey(keyIdentifier, privateKeys);
         }