added getPrivateData methods.

added KeySpecs support for ML-DSA and associated factories.

Author: dghgit

prov/src/main/java/org/bouncycastle/jcajce/interfaces/MLDSAPrivateKey.java

@@ -11,4 +11,18 @@ public interface MLDSAPrivateKey
      * @return a ML-DSA Public Key
      */
     MLDSAPublicKey getPublicKey();
+
+    /**
+     * Return the long form private data for the ML-DSA private key.
+     *
+     * @return long form private data for private key.
+     */
+    byte[] getPrivateData();
+
+    /**
+     * Return the seed the private key was generated from (if available).
+     *
+     * @return the seed for the private key, null if not available.
+     */
+    byte[] getSeed();
 }

prov/src/main/java/org/bouncycastle/jcajce/interfaces/MLKEMPrivateKey.java

@@ -11,4 +11,18 @@ public interface MLKEMPrivateKey
      * @return a ML-KEM Public Key
      */
     MLKEMPublicKey getPublicKey();
+
+    /**
+     * Return the long form private data for the ML-KEM private key.
+     *
+     * @return long form private data for private key.
+     */
+    byte[] getPrivateData();
+
+    /**
+     * Return the seed the private key was generated from (if available).
+     *
+     * @return the seed for the private key, null if not available.
+     */
+    byte[] getSeed();
 }

prov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/mldsa/BCMLDSAPrivateKey.java

@@ -104,6 +104,18 @@ public MLDSAPublicKey getPublicKey()
         return new BCMLDSAPublicKey(params.getPublicKeyParameters());
     }
 
+    @Override
+    public byte[] getPrivateData()
+    {
+        return params.getEncoded();
+    }
+
+    @Override
+    public byte[] getSeed()
+    {
+        return params.getSeed();
+    }
+
     public MLDSAParameterSpec getParameterSpec()
     {
         return MLDSAParameterSpec.fromName(params.getParameters().getName());

prov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/mldsa/MLDSAKeyFactorySpi.java

@@ -16,6 +16,11 @@
 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
 import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
 import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
+import org.bouncycastle.jcajce.spec.MLDSAPrivateKeySpec;
+import org.bouncycastle.jcajce.spec.MLDSAPublicKeySpec;
+import org.bouncycastle.pqc.crypto.mldsa.MLDSAParameters;
+import org.bouncycastle.pqc.crypto.mldsa.MLDSAPrivateKeyParameters;
+import org.bouncycastle.pqc.crypto.mldsa.MLDSAPublicKeyParameters;
 import org.bouncycastle.pqc.jcajce.provider.util.BaseKeyFactorySpi;
 
 public class MLDSAKeyFactorySpi
@@ -57,13 +62,33 @@ public final KeySpec engineGetKeySpec(Key key, Class keySpec)
             {
                 return new PKCS8EncodedKeySpec(key.getEncoded());
             }
+            if (MLDSAPrivateKeySpec.class.isAssignableFrom(keySpec))
+            {
+                BCMLDSAPrivateKey mldsaKey = (BCMLDSAPrivateKey)key;
+                byte[] seed = mldsaKey.getSeed();
+                if (seed != null)
+                {
+                    return new MLDSAPrivateKeySpec(mldsaKey.getParameterSpec(), seed);
+                }
+                return new MLDSAPrivateKeySpec(mldsaKey.getParameterSpec(), mldsaKey.getPrivateData(), mldsaKey.getPublicKey().getPublicData());
+            }
+            if (MLDSAPublicKeySpec.class.isAssignableFrom(keySpec))
+            {
+                BCMLDSAPrivateKey mldsaKey = (BCMLDSAPrivateKey)key;
+                return new MLDSAPublicKeySpec(mldsaKey.getParameterSpec(), mldsaKey.getPublicKey().getPublicData());
+            }
         }
         else if (key instanceof BCMLDSAPublicKey)
         {
             if (X509EncodedKeySpec.class.isAssignableFrom(keySpec))
             {
                 return new X509EncodedKeySpec(key.getEncoded());
             }
+            if (MLDSAPublicKeySpec.class.isAssignableFrom(keySpec))
+            {
+                BCMLDSAPublicKey mldsaKey = (BCMLDSAPublicKey)key;
+                return new MLDSAPublicKeySpec(mldsaKey.getParameterSpec(), mldsaKey.getPublicData());
+            }
         }
         else
         {
@@ -86,6 +111,57 @@ public final Key engineTranslateKey(Key key)
         throw new InvalidKeyException("Unsupported key type");
     }
 
+    public PrivateKey engineGeneratePrivate(
+        KeySpec keySpec)
+        throws InvalidKeySpecException
+    {
+        if (keySpec instanceof MLDSAPrivateKeySpec)
+        {
+            MLDSAPrivateKeySpec spec = (MLDSAPrivateKeySpec)keySpec;
+            MLDSAPrivateKeyParameters params;
+            MLDSAParameters mldsaParameters = Utils.getParameters(spec.getParameterSpec().getName());
+            if (spec.isSeed())
+            {
+                params = new MLDSAPrivateKeyParameters(
+                    mldsaParameters, spec.getSeed());
+            }
+            else
+            {
+                byte[] publicData = spec.getPublicData();
+                if (publicData != null)
+                {
+                    params = new MLDSAPrivateKeyParameters(
+                        mldsaParameters, spec.getPrivateData(), new MLDSAPublicKeyParameters(mldsaParameters, publicData));
+                }
+                else
+                {
+                    params = new MLDSAPrivateKeyParameters(
+                        mldsaParameters, spec.getPrivateData(), null);
+                }
+            }
+
+            return new BCMLDSAPrivateKey(params);
+        }
+
+        return super.engineGeneratePrivate(keySpec);
+    }
+
+    public PublicKey engineGeneratePublic(
+        KeySpec keySpec)
+        throws InvalidKeySpecException
+    {
+        if (keySpec instanceof MLDSAPublicKeySpec)
+        {
+            MLDSAPublicKeySpec spec = (MLDSAPublicKeySpec)keySpec;
+
+            return new BCMLDSAPublicKey(new MLDSAPublicKeyParameters(
+                Utils.getParameters(spec.getParameterSpec().getName()),
+                spec.getPublicData()));
+        }
+
+        return super.engineGeneratePublic(keySpec);
+    }
+
     public PrivateKey generatePrivate(PrivateKeyInfo keyInfo)
             throws IOException
     {

prov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/mldsa/MLDSAKeyPairGeneratorSpi.java

@@ -5,8 +5,6 @@
 import java.security.NoSuchAlgorithmException;
 import java.security.SecureRandom;
 import java.security.spec.AlgorithmParameterSpec;
-import java.util.HashMap;
-import java.util.Map;
 
 import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
 import org.bouncycastle.crypto.CryptoServicesRegistrar;
@@ -23,18 +21,6 @@
 public class MLDSAKeyPairGeneratorSpi
     extends java.security.KeyPairGenerator
 {
-    private static Map parameters = new HashMap();
-
-    static
-    {
-        parameters.put(MLDSAParameterSpec.ml_dsa_44.getName(), MLDSAParameters.ml_dsa_44);
-        parameters.put(MLDSAParameterSpec.ml_dsa_65.getName(), MLDSAParameters.ml_dsa_65);
-        parameters.put(MLDSAParameterSpec.ml_dsa_87.getName(), MLDSAParameters.ml_dsa_87);
-        parameters.put(MLDSAParameterSpec.ml_dsa_44_with_sha512.getName(), MLDSAParameters.ml_dsa_44_with_sha512);
-        parameters.put(MLDSAParameterSpec.ml_dsa_65_with_sha512.getName(), MLDSAParameters.ml_dsa_65_with_sha512);
-        parameters.put(MLDSAParameterSpec.ml_dsa_87_with_sha512.getName(), MLDSAParameters.ml_dsa_87_with_sha512);
-    }
-
     private final MLDSAParameters mldsaParameters;
     MLDSAKeyGenerationParameters param;
     MLDSAKeyPairGenerator engine = new MLDSAKeyPairGenerator();
@@ -51,7 +37,7 @@ public MLDSAKeyPairGeneratorSpi(String name)
     protected MLDSAKeyPairGeneratorSpi(MLDSAParameterSpec paramSpec)
     {
         super(Strings.toUpperCase(paramSpec.getName()));
-        this.mldsaParameters = (MLDSAParameters)parameters.get(paramSpec.getName());
+        this.mldsaParameters = Utils.getParameters(paramSpec.getName());
 
         if (param == null)
         {
@@ -92,7 +78,7 @@ public void initialize(
 
         if (name != null)
         {
-            MLDSAParameters mldsaParams = (MLDSAParameters)parameters.get(name);
+            MLDSAParameters mldsaParams = Utils.getParameters(name);
             if (mldsaParams == null)
             {
                 throw new InvalidAlgorithmParameterException("unknown parameter set name: " + name);

prov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/mldsa/Utils.java

@@ -0,0 +1,27 @@
+package org.bouncycastle.jcajce.provider.asymmetric.mldsa;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import org.bouncycastle.jcajce.spec.MLDSAParameterSpec;
+import org.bouncycastle.pqc.crypto.mldsa.MLDSAParameters;
+
+class Utils
+{
+    private static Map parameters = new HashMap();
+
+    static
+    {
+        parameters.put(MLDSAParameterSpec.ml_dsa_44.getName(), MLDSAParameters.ml_dsa_44);
+        parameters.put(MLDSAParameterSpec.ml_dsa_65.getName(), MLDSAParameters.ml_dsa_65);
+        parameters.put(MLDSAParameterSpec.ml_dsa_87.getName(), MLDSAParameters.ml_dsa_87);
+        parameters.put(MLDSAParameterSpec.ml_dsa_44_with_sha512.getName(), MLDSAParameters.ml_dsa_44_with_sha512);
+        parameters.put(MLDSAParameterSpec.ml_dsa_65_with_sha512.getName(), MLDSAParameters.ml_dsa_65_with_sha512);
+        parameters.put(MLDSAParameterSpec.ml_dsa_87_with_sha512.getName(), MLDSAParameters.ml_dsa_87_with_sha512);
+    }
+
+    static MLDSAParameters getParameters(String paramName)
+    {
+        return (MLDSAParameters)parameters.get(paramName);
+    }
+}

prov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/mlkem/BCMLKEMPrivateKey.java

@@ -102,6 +102,18 @@ public MLKEMPublicKey getPublicKey()
         return new BCMLKEMPublicKey(params.getPublicKeyParameters());
     }
 
+    @Override
+    public byte[] getPrivateData()
+    {
+        return params.getEncoded();
+    }
+
+    @Override
+    public byte[] getSeed()
+    {
+        return params.getSeed();
+    }
+
     public MLKEMParameterSpec getParameterSpec()
     {
         return MLKEMParameterSpec.fromName(params.getParameters().getName());

prov/src/main/java/org/bouncycastle/jcajce/spec/MLDSAPrivateKeySpec.java

@@ -0,0 +1,85 @@
+package org.bouncycastle.jcajce.spec;
+
+import java.security.spec.KeySpec;
+
+import org.bouncycastle.util.Arrays;
+
+/**
+ * PrivateKeySpec for ML-DSA.
+ */
+public class MLDSAPrivateKeySpec
+    implements KeySpec
+{
+    private final byte[] data;
+    private final byte[] publicData;
+    private final MLDSAParameterSpec params;
+    private final boolean isSeed;
+
+    public MLDSAPrivateKeySpec(MLDSAParameterSpec params, byte[] seed)
+    {
+       if (seed.length != 32)
+       {
+            throw new IllegalArgumentException("incorrect length for seed");
+       }
+
+       this.isSeed = true;
+       this.params = params;
+       this.data = Arrays.clone(seed);
+       this.publicData = null;
+    }
+
+    /**
+     * Create a KeySpec using the long form private and public data.
+     *
+     * @param params the parameter set to use with the encodings.
+     * @param privateData the long form private key.
+     * @param publicData the long form public key - may be null.
+     */
+    public MLDSAPrivateKeySpec(MLDSAParameterSpec params, byte[] privateData, byte[] publicData)
+    {
+       this.isSeed = false;
+       this.params = params;
+       this.data = Arrays.clone(privateData);
+       this.publicData = Arrays.clone(publicData);
+    }
+
+    public boolean isSeed()
+    {
+        return isSeed;
+    }
+
+    public MLDSAParameterSpec getParameterSpec()
+    {
+        return params;
+    }
+
+    public byte[] getSeed()
+    {
+        if (isSeed())
+        {
+            return Arrays.clone(data);
+        }
+
+        throw new IllegalStateException("KeySpec represents long form");
+    }
+
+    public byte[] getPrivateData()
+    {
+        if (!isSeed())
+        {
+            return Arrays.clone(data);
+        }
+
+        throw new IllegalStateException("KeySpec represents seed");
+    }
+
+    public byte[] getPublicData()
+    {
+        if (!isSeed())
+        {
+            return Arrays.clone(publicData);
+        }
+
+        throw new IllegalStateException("KeySpec represents long form");
+    }
+}

prov/src/main/java/org/bouncycastle/jcajce/spec/MLDSAPublicKeySpec.java

@@ -0,0 +1,37 @@
+package org.bouncycastle.jcajce.spec;
+
+import java.security.spec.KeySpec;
+
+import org.bouncycastle.util.Arrays;
+
+/**
+ * PublicKeySpec for ML-DSA.
+ */
+public class MLDSAPublicKeySpec
+    implements KeySpec
+{
+    private final MLDSAParameterSpec params;
+    private final byte[] publicData;
+
+    /**
+     * Base constructor.
+     *
+     * @param params the parameters to use with the passed in encoding.
+     * @param publicData the long form encoding of the public key.
+     */
+    public MLDSAPublicKeySpec(MLDSAParameterSpec params, byte[] publicData)
+    {
+        this.params = params;
+        this.publicData = publicData;
+    }
+
+    public MLDSAParameterSpec getParameterSpec()
+    {
+        return params;
+    }
+
+    public byte[] getPublicData()
+    {
+        return Arrays.clone(publicData);
+    }
+}