reverted some changes to get ml-kem working (passes acvp test, not sure if ACVP is up to date)

royb · royb · commit df71b64b15bb · 2024-08-13T16:30:45.000-04:00
diff --git a/core/src/main/java/org/bouncycastle/pqc/crypto/crystals/kyber/KyberIndCpa.java b/core/src/main/java/org/bouncycastle/pqc/crypto/crystals/kyber/KyberIndCpa.java
@@ -55,7 +55,11 @@ byte[][] generateKeyPair(byte[] d)
         // (p, sigma) <- G(d || k)
 
         byte[] buf = new byte[64];
-        symmetric.hash_g(buf, Arrays.concatenate(d, Pack.intToLittleEndian(kyberK)));
+        //TODO: specs specifies K to be concatenated to with d but acvp tests says otherwise
+        symmetric.hash_g(buf, d);
+//        byte[] k = new byte[1];
+//        k[0] = (byte)kyberK;
+//        symmetric.hash_g(buf, Arrays.concatenate(d, k));
 
         byte[] publicSeed = new byte[32]; // p in docs
         byte[] noiseSeed = new byte[32]; // sigma in docs
@@ -177,7 +181,7 @@ public byte[] encrypt(byte[] publicKeyInput, byte[] msg, byte[] coins)
             aMatrixTranspose[i] = new PolyVec(engine);
         }
 
-        generateMatrix(aMatrixTranspose, seed, false);
+        generateMatrix(aMatrixTranspose, seed, true);
 
         // System.out.print("matrix transposed = ");
         // for (i = 0; i < kyberK; i++) {
diff --git a/core/src/main/java/org/bouncycastle/pqc/crypto/crystals/kyber/KyberKEMGenerator.java b/core/src/main/java/org/bouncycastle/pqc/crypto/crystals/kyber/KyberKEMGenerator.java
@@ -30,4 +30,13 @@ public SecretWithEncapsulation generateEncapsulated(AsymmetricKeyParameter recip
         byte[][] kemEncrypt = engine.kemEncrypt(key.getEncoded(), randBytes);
         return new SecretWithEncapsulationImpl(kemEncrypt[0], kemEncrypt[1]);
     }
+    public SecretWithEncapsulation internalGenerateEncapsulated(AsymmetricKeyParameter recipientKey, byte[] randBytes)
+    {
+        KyberPublicKeyParameters key = (KyberPublicKeyParameters)recipientKey;
+        KyberEngine engine = key.getParameters().getEngine();
+        engine.init(sr);
+
+        byte[][] kemEncrypt = engine.kemEncryptInternal(key.getEncoded(), randBytes);
+        return new SecretWithEncapsulationImpl(kemEncrypt[0], kemEncrypt[1]);
+    }
 }
diff --git a/core/src/main/java/org/bouncycastle/pqc/crypto/crystals/kyber/KyberKeyPairGenerator.java b/core/src/main/java/org/bouncycastle/pqc/crypto/crystals/kyber/KyberKeyPairGenerator.java
@@ -45,4 +45,14 @@ public AsymmetricCipherKeyPair generateKeyPair()
         return genKeyPair();
     }
 
+    public AsymmetricCipherKeyPair internalGenerateKeyPair(byte[] d, byte[] z)
+    {
+        byte[][] keyPair = kyberParams.getEngine().generateKemKeyPairInternal(d, z);
+
+        KyberPublicKeyParameters pubKey = new KyberPublicKeyParameters(kyberParams, keyPair[0], keyPair[1]);
+        KyberPrivateKeyParameters privKey = new KyberPrivateKeyParameters(kyberParams,  keyPair[2], keyPair[3], keyPair[4], keyPair[0], keyPair[1]);
+
+        return new AsymmetricCipherKeyPair(pubKey, privKey);
+    }
+
 }
diff --git a/core/src/main/java/org/bouncycastle/pqc/crypto/crystals/kyber/KyberParameters.java b/core/src/main/java/org/bouncycastle/pqc/crypto/crystals/kyber/KyberParameters.java
@@ -32,7 +32,7 @@ public String getName()
         return name;
     }
 
-    KyberEngine getEngine()
+    public KyberEngine getEngine()
     {
         return new KyberEngine(k, usingAes);
     }

Original file line number	Diff line number	Diff line change
`@@ -30,4 +30,13 @@ public SecretWithEncapsulation generateEncapsulated(AsymmetricKeyParameter recip`
`30`	`30`	`byte[][] kemEncrypt = engine.kemEncrypt(key.getEncoded(), randBytes);`
`31`	`31`	`return new SecretWithEncapsulationImpl(kemEncrypt[0], kemEncrypt[1]);`
`32`	`32`	`}`
	`33`	`+ public SecretWithEncapsulation internalGenerateEncapsulated(AsymmetricKeyParameter recipientKey, byte[] randBytes)`
	`34`	`+ {`
	`35`	`+ KyberPublicKeyParameters key = (KyberPublicKeyParameters)recipientKey;`
	`36`	`+ KyberEngine engine = key.getParameters().getEngine();`
	`37`	`+ engine.init(sr);`
	`38`	`+`
	`39`	`+ byte[][] kemEncrypt = engine.kemEncryptInternal(key.getEncoded(), randBytes);`
	`40`	`+ return new SecretWithEncapsulationImpl(kemEncrypt[0], kemEncrypt[1]);`
	`41`	`+ }`
`33`	`42`	`}`
Original file line number	Diff line number	Diff line change
`@@ -45,4 +45,14 @@ public AsymmetricCipherKeyPair generateKeyPair()`
`45`	`45`	`return genKeyPair();`
`46`	`46`	`}`
`47`	`47`
	`48`	`+ public AsymmetricCipherKeyPair internalGenerateKeyPair(byte[] d, byte[] z)`
	`49`	`+ {`
	`50`	`+ byte[][] keyPair = kyberParams.getEngine().generateKemKeyPairInternal(d, z);`
	`51`	`+`
	`52`	`+ KyberPublicKeyParameters pubKey = new KyberPublicKeyParameters(kyberParams, keyPair[0], keyPair[1]);`
	`53`	`+ KyberPrivateKeyParameters privKey = new KyberPrivateKeyParameters(kyberParams, keyPair[2], keyPair[3], keyPair[4], keyPair[0], keyPair[1]);`
	`54`	`+`
	`55`	`+ return new AsymmetricCipherKeyPair(pubKey, privKey);`
	`56`	`+ }`
	`57`	`+`
`48`	`58`	`}`
Original file line number	Diff line number	Diff line change
`@@ -32,7 +32,7 @@ public String getName()`
`32`	`32`	`return name;`
`33`	`33`	`}`
`34`	`34`
`35`		`- KyberEngine getEngine()`
	`35`	`+ public KyberEngine getEngine()`
`36`	`36`	`{`
`37`	`37`	`return new KyberEngine(k, usingAes);`
`38`	`38`	`}`