Skip to content

Commit d35002f

Browse files
author
royb
committed
added MLDSATest
1 parent aa41e23 commit d35002f

File tree

2 files changed

+318
-0
lines changed

2 files changed

+318
-0
lines changed

core/src/test/java/org/bouncycastle/pqc/crypto/test/AllTests.java

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -39,6 +39,7 @@ public static Test suite()
3939
suite.addTestSuite(FalconTest.class);
4040
suite.addTestSuite(MLKEMTest.class);
4141
suite.addTestSuite(CrystalsDilithiumTest.class);
42+
suite.addTestSuite(MLDSATest.class);
4243
suite.addTestSuite(NTRULPRimeTest.class);
4344
suite.addTestSuite(SNTRUPrimeTest.class);
4445
suite.addTestSuite(BIKETest.class);

core/src/test/java/org/bouncycastle/pqc/crypto/test/MLDSATest.java

Lines changed: 317 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,317 @@
1+
package org.bouncycastle.pqc.crypto.test;
2+
3+
import junit.framework.TestCase;
4+
import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
5+
import org.bouncycastle.crypto.params.ParametersWithRandom;
6+
import org.bouncycastle.pqc.crypto.crystals.dilithium.*;
7+
import org.bouncycastle.pqc.crypto.mldsa.*;
8+
import org.bouncycastle.pqc.crypto.util.PrivateKeyFactory;
9+
import org.bouncycastle.pqc.crypto.util.PrivateKeyInfoFactory;
10+
import org.bouncycastle.pqc.crypto.util.PublicKeyFactory;
11+
import org.bouncycastle.pqc.crypto.util.SubjectPublicKeyInfoFactory;
12+
import org.bouncycastle.test.TestResourceFinder;
13+
import org.bouncycastle.util.Arrays;
14+
15+
import org.bouncycastle.util.encoders.Hex;
16+
17+
import java.io.BufferedReader;
18+
import java.io.IOException;
19+
import java.io.InputStream;
20+
import java.io.InputStreamReader;
21+
import java.security.SecureRandom;
22+
import java.util.HashMap;
23+
24+
public class MLDSATest extends TestCase
25+
{
26+
public void testKeyGen() throws IOException
27+
{
28+
String[] files = new String[]{
29+
"keyGen_ML-DSA-44.txt",
30+
"keyGen_ML-DSA-65.txt",
31+
"keyGen_ML-DSA-87.txt",
32+
};
33+
34+
MLDSAParameters[] params = new MLDSAParameters[]{
35+
MLDSAParameters.ml_dsa_44,
36+
MLDSAParameters.ml_dsa_65,
37+
MLDSAParameters.ml_dsa_87,
38+
};
39+
40+
TestSampler sampler = new TestSampler();
41+
for (int fileIndex = 0; fileIndex != files.length; fileIndex++)
42+
{
43+
String name = files[fileIndex];
44+
// System.out.println("testing: " + name);
45+
InputStream src = TestResourceFinder.findTestResource("pqc/crypto/dilithium/acvp", name);
46+
BufferedReader bin = new BufferedReader(new InputStreamReader(src));
47+
48+
String line = null;
49+
HashMap<String, String> buf = new HashMap<String, String>();
50+
while ((line = bin.readLine()) != null)
51+
{
52+
line = line.trim();
53+
54+
if (line.startsWith("#"))
55+
{
56+
continue;
57+
}
58+
if (line.length() == 0)
59+
{
60+
if (buf.size() > 0)
61+
{
62+
byte[] seed = Hex.decode((String) buf.get("seed"));
63+
byte[] pk = Hex.decode((String) buf.get("pk"));
64+
byte[] sk = Hex.decode((String) buf.get("sk"));
65+
66+
MLDSAParameters parameters = params[fileIndex];
67+
68+
MLDSAKeyPairGenerator kpGen = new MLDSAKeyPairGenerator();
69+
MLDSAKeyGenerationParameters genParam = new MLDSAKeyGenerationParameters(new SecureRandom(), parameters);
70+
//
71+
// Generate keys and test.
72+
//
73+
kpGen.init(genParam);
74+
AsymmetricCipherKeyPair kp = kpGen.internalGenerateKeyPair(seed);
75+
76+
MLDSAPublicKeyParameters pubParams = (MLDSAPublicKeyParameters) PublicKeyFactory.createKey(
77+
SubjectPublicKeyInfoFactory.createSubjectPublicKeyInfo(kp.getPublic()));
78+
MLDSAPrivateKeyParameters privParams = (MLDSAPrivateKeyParameters) PrivateKeyFactory.createKey(
79+
PrivateKeyInfoFactory.createPrivateKeyInfo(kp.getPrivate()));
80+
81+
82+
83+
84+
assertTrue(name + ": public key", Arrays.areEqual(pk, pubParams.getEncoded()));
85+
assertTrue(name + ": secret key", Arrays.areEqual(sk, privParams.getEncoded()));
86+
87+
}
88+
buf.clear();
89+
90+
continue;
91+
}
92+
93+
int a = line.indexOf("=");
94+
if (a > -1)
95+
{
96+
buf.put(line.substring(0, a).trim(), line.substring(a + 1).trim());
97+
}
98+
}
99+
// System.out.println("testing successful!");
100+
}
101+
}
102+
103+
public void testSigGen() throws IOException
104+
{
105+
String[] files = new String[]{
106+
"sigGen_ML-DSA-44.txt",
107+
"sigGen_ML-DSA-65.txt",
108+
"sigGen_ML-DSA-87.txt",
109+
};
110+
111+
MLDSAParameters[] params = new MLDSAParameters[]{
112+
MLDSAParameters.ml_dsa_44,
113+
MLDSAParameters.ml_dsa_65,
114+
MLDSAParameters.ml_dsa_87,
115+
};
116+
117+
TestSampler sampler = new TestSampler();
118+
for (int fileIndex = 0; fileIndex != files.length; fileIndex++)
119+
{
120+
String name = files[fileIndex];
121+
// System.out.println("testing: " + name);
122+
InputStream src = TestResourceFinder.findTestResource("pqc/crypto/dilithium/acvp", name);
123+
BufferedReader bin = new BufferedReader(new InputStreamReader(src));
124+
125+
String line = null;
126+
HashMap<String, String> buf = new HashMap<String, String>();
127+
while ((line = bin.readLine()) != null)
128+
{
129+
line = line.trim();
130+
131+
if (line.startsWith("#"))
132+
{
133+
continue;
134+
}
135+
if (line.length() == 0)
136+
{
137+
if (buf.size() > 0)
138+
{
139+
boolean deterministic = !buf.containsKey("rnd");
140+
byte[] sk = Hex.decode((String) buf.get("sk"));
141+
byte[] message = Hex.decode((String) buf.get("message"));
142+
byte[] signature = Hex.decode((String) buf.get("signature"));
143+
byte[] rnd = new byte[32];
144+
if (!deterministic)
145+
{
146+
rnd = Hex.decode((String) buf.get("rnd"));
147+
}
148+
149+
MLDSAParameters parameters = params[fileIndex];
150+
151+
MLDSAPrivateKeyParameters privParams = new MLDSAPrivateKeyParameters(parameters, sk, null);
152+
153+
// sign
154+
MLDSASigner signer = new MLDSASigner();
155+
156+
signer.init(true, privParams);
157+
byte[] sigGenerated = signer.internalGenerateSignature(message, rnd);
158+
159+
assertTrue(Arrays.areEqual(sigGenerated, signature));
160+
}
161+
buf.clear();
162+
163+
continue;
164+
}
165+
166+
int a = line.indexOf("=");
167+
if (a > -1)
168+
{
169+
buf.put(line.substring(0, a).trim(), line.substring(a + 1).trim());
170+
}
171+
}
172+
// System.out.println("testing successful!");
173+
}
174+
}
175+
176+
public void testSigVer() throws IOException
177+
{
178+
String[] files = new String[]{
179+
"sigVer_ML-DSA-44.txt",
180+
"sigVer_ML-DSA-65.txt",
181+
"sigVer_ML-DSA-87.txt",
182+
};
183+
184+
MLDSAParameters[] params = new MLDSAParameters[]{
185+
MLDSAParameters.ml_dsa_44,
186+
MLDSAParameters.ml_dsa_65,
187+
MLDSAParameters.ml_dsa_87,
188+
};
189+
190+
TestSampler sampler = new TestSampler();
191+
for (int fileIndex = 0; fileIndex != files.length; fileIndex++)
192+
{
193+
String name = files[fileIndex];
194+
// System.out.println("testing: " + name);
195+
InputStream src = TestResourceFinder.findTestResource("pqc/crypto/dilithium/acvp", name);
196+
BufferedReader bin = new BufferedReader(new InputStreamReader(src));
197+
198+
String line = null;
199+
HashMap<String, String> buf = new HashMap<String, String>();
200+
while ((line = bin.readLine()) != null)
201+
{
202+
line = line.trim();
203+
204+
if (line.startsWith("#"))
205+
{
206+
continue;
207+
}
208+
if (line.length() == 0)
209+
{
210+
if (buf.size() > 0)
211+
{
212+
boolean testPassed = Boolean.parseBoolean((String) buf.get("testPassed"));
213+
String reason = buf.get("reason");
214+
byte[] pk = Hex.decode((String) buf.get("pk"));
215+
byte[] sk = Hex.decode((String) buf.get("sk"));
216+
byte[] message = Hex.decode((String) buf.get("message"));
217+
byte[] signature = Hex.decode((String) buf.get("signature"));
218+
219+
MLDSAParameters parameters = params[fileIndex];
220+
221+
MLDSAPublicKeyParameters pubParams = new MLDSAPublicKeyParameters(parameters, pk);
222+
MLDSAPrivateKeyParameters privParams = new MLDSAPrivateKeyParameters(parameters, sk, null);
223+
224+
225+
MLDSASigner verifier = new MLDSASigner();
226+
verifier.init(false, pubParams);
227+
228+
boolean ver = verifier.internalVerifySignature(message, signature);
229+
assertEquals("expected " + testPassed + " " + reason, testPassed, ver);
230+
}
231+
buf.clear();
232+
233+
continue;
234+
}
235+
236+
int a = line.indexOf("=");
237+
if (a > -1)
238+
{
239+
buf.put(line.substring(0, a).trim(), line.substring(a + 1).trim());
240+
}
241+
}
242+
// System.out.println("testing successful!");
243+
}
244+
}
245+
246+
public void testRNG()
247+
{
248+
String temp = "061550234D158C5EC95595FE04EF7A25767F2E24CC2BC479D09D86DC9ABCFDE7056A8C266F9EF97ED08541DBD2E1FFA1";
249+
byte[] seed = Hex.decode(temp);
250+
251+
NISTSecureRandom r = new NISTSecureRandom(seed, null);
252+
253+
String testBytesString = "7C9935A0B07694AA0C6D10E4DB6B1ADD2FD81A25CCB148032DCD739936737F2D";
254+
byte[] testBytes = Hex.decode(testBytesString);
255+
256+
byte[] randBytes = new byte[testBytes.length];
257+
r.nextBytes(randBytes);
258+
259+
assertTrue(Arrays.areEqual(randBytes, testBytes));
260+
}
261+
262+
263+
public void testMLDSARandom()
264+
{
265+
266+
MLDSAKeyPairGenerator keyGen = new MLDSAKeyPairGenerator();
267+
268+
SecureRandom random = new SecureRandom();
269+
270+
for (MLDSAParameters param : new MLDSAParameters[]{MLDSAParameters.ml_dsa_44, MLDSAParameters.ml_dsa_65, MLDSAParameters.ml_dsa_87})
271+
{
272+
keyGen.init(new MLDSAKeyGenerationParameters(random, param));
273+
for (int msgSize = 0; msgSize < 2049; )
274+
{
275+
byte[] msg = new byte[msgSize];
276+
if (msgSize < 128)
277+
{
278+
msgSize += 1;
279+
}
280+
else
281+
{
282+
msgSize += 12;
283+
}
284+
for (int i = 0; i != 100; i++)
285+
{
286+
random.nextBytes(msg);
287+
AsymmetricCipherKeyPair keyPair = keyGen.generateKeyPair();
288+
289+
// sign
290+
MLDSASigner signer = new MLDSASigner();
291+
MLDSAPrivateKeyParameters skparam = (MLDSAPrivateKeyParameters) keyPair.getPrivate();
292+
ParametersWithRandom skwrand = new ParametersWithRandom(skparam, random);
293+
signer.init(true, skwrand);
294+
295+
byte[] sigGenerated = signer.generateSignature(msg);
296+
297+
// verify
298+
MLDSASigner verifier = new MLDSASigner();
299+
MLDSAPublicKeyParameters pkparam = (MLDSAPublicKeyParameters) keyPair.getPublic();
300+
verifier.init(false, pkparam);
301+
302+
boolean ok = verifier.verifySignature(msg, sigGenerated);
303+
304+
if (!ok) {
305+
System.out.println("Verify failed");
306+
System.out.println("MSG:"+Hex.toHexString(msg));
307+
System.out.println("SIG: "+Hex.toHexString(sigGenerated));
308+
System.out.println("PK: "+Hex.toHexString(pkparam.getEncoded()));
309+
System.out.println("SK: "+Hex.toHexString(skparam.getEncoded()));
310+
}
311+
312+
assertTrue("count = " + i, ok);
313+
}
314+
}
315+
}
316+
}
317+
}

0 commit comments

Comments
 (0)