Accept foreign ML-DSA keys for sign and verify. (#1442)

juergw · web-flow · commit 51794404f0d6 · 2025-12-05T08:01:07.000+01:00
Currently, we use OpenSSLKey.fromPublicKey(publicKey). But that doesn't work
for ML-DSA, because it used an old parse function that doesn't support
ML-DSA. It is better to use engineTranslateKey.
diff --git a/common/src/main/java/org/conscrypt/OpenSslSignatureMlDsa.java b/common/src/main/java/org/conscrypt/OpenSslSignatureMlDsa.java
@@ -28,10 +28,11 @@
  */
 @Internal
 public abstract class OpenSslSignatureMlDsa extends SignatureSpi {
+    private static OpenSslMlDsaKeyFactory keyFactory = new OpenSslMlDsaKeyFactory.MlDsa();
+
     /**
      * The current OpenSSL key we're operating on.
      */
-
     private OpenSSLKey key;
     private NativeRef.EVP_MD_CTX ctx;
 
@@ -94,7 +95,9 @@ protected Object engineGetParameter(String param) throws InvalidParameterExcepti
 
     @Override
     protected void engineInitSign(PrivateKey privateKey) throws InvalidKeyException {
-        key = OpenSSLKey.fromPrivateKey(privateKey);
+        OpenSslMlDsaPrivateKey conscryptPrivateKey =
+                (OpenSslMlDsaPrivateKey) keyFactory.engineTranslateKey(privateKey);
+        key = conscryptPrivateKey.getOpenSSLKey();
         MlDsaAlgorithm algorithm = OpenSslMlDsaKeyFactory.getMlDsaAlgorithm(key);
         if (!supportsAlgorithm(algorithm)) {
             throw new InvalidKeyException("Key version mismatch: " + algorithm);
@@ -107,7 +110,9 @@ protected void engineInitSign(PrivateKey privateKey) throws InvalidKeyException
 
     @Override
     protected void engineInitVerify(PublicKey publicKey) throws InvalidKeyException {
-        key = OpenSSLKey.fromPublicKey(publicKey);
+        OpenSslMlDsaPublicKey conscryptPublicKey =
+                (OpenSslMlDsaPublicKey) keyFactory.engineTranslateKey(publicKey);
+        key = conscryptPublicKey.getOpenSSLKey();
         MlDsaAlgorithm algorithm = OpenSslMlDsaKeyFactory.getMlDsaAlgorithm(key);
         if (!supportsAlgorithm(algorithm)) {
             throw new InvalidKeyException("Key version mismatch: " + algorithm);
diff --git a/common/src/test/java/org/conscrypt/MlDsaTest.java b/common/src/test/java/org/conscrypt/MlDsaTest.java
@@ -124,6 +124,54 @@ public void emptyMessage_works() throws Exception {
         assertTrue(signature.verify(sig2));
     }
 
+    /** Helper class to test KeyFactory.translateKey. */
+    static class TestPublicKey implements PublicKey {
+        public TestPublicKey(byte[] x509encoded) {
+            this.x509encoded = x509encoded;
+        }
+
+        private final byte[] x509encoded;
+
+        @Override
+        public String getAlgorithm() {
+            return "ML-DSA";
+        }
+
+        @Override
+        public String getFormat() {
+            return "X.509";
+        }
+
+        @Override
+        public byte[] getEncoded() {
+            return x509encoded;
+        }
+    }
+
+    /** Helper class to test KeyFactory.translateKey. */
+    static class TestPrivateKey implements PrivateKey {
+        public TestPrivateKey(byte[] pkcs8encoded) {
+            this.pkcs8encoded = pkcs8encoded;
+        }
+
+        private final byte[] pkcs8encoded;
+
+        @Override
+        public String getAlgorithm() {
+            return "ML-DSA";
+        }
+
+        @Override
+        public String getFormat() {
+            return "PKCS#8";
+        }
+
+        @Override
+        public byte[] getEncoded() {
+            return pkcs8encoded;
+        }
+    }
+
     @Test
     public void mldsa65KeyPair_signVerify_works() throws Exception {
         KeyPairGenerator keyGen = KeyPairGenerator.getInstance("ML-DSA-65", conscryptProvider);
@@ -190,6 +238,36 @@ public void mldsa87KeyPair_signVerify_works() throws Exception {
         assertThrows(InvalidKeyException.class, () -> s65.initVerify(publicKey));
     }
 
+    @Test
+    public void foreignMldsa65KeyPair_signVerify_works() throws Exception {
+        KeyPairGenerator keyGen = KeyPairGenerator.getInstance("ML-DSA-65", conscryptProvider);
+        KeyPair keyPair = keyGen.generateKeyPair();
+        PrivateKey privateKey = new TestPrivateKey(keyPair.getPrivate().getEncoded());
+        PublicKey publicKey = new TestPublicKey(keyPair.getPublic().getEncoded());
+
+        for (String signAlgorithm : new String[] {"ML-DSA-65", "ML-DSA"}) {
+            byte[] msg = new byte[123];
+            Signature ss = Signature.getInstance(signAlgorithm, conscryptProvider);
+            ss.initSign(privateKey);
+            ss.update(msg);
+            byte[] sig = ss.sign();
+            assertEquals(3309, sig.length);
+
+            for (String verifyAlgorithm : new String[] {"ML-DSA-65", "ML-DSA"}) {
+                Signature sv = Signature.getInstance(verifyAlgorithm, conscryptProvider);
+                sv.initVerify(publicKey);
+                sv.update(msg);
+                boolean verified = sv.verify(sig);
+                assertTrue(verified);
+            }
+        }
+
+        // ML-DSA-87 does not support ML-DSA-65 keys.
+        Signature s87 = Signature.getInstance("ML-DSA-87", conscryptProvider);
+        assertThrows(InvalidKeyException.class, () -> s87.initSign(privateKey));
+        assertThrows(InvalidKeyException.class, () -> s87.initVerify(publicKey));
+    }
+
     @Test
     public void mldsa65KeyPair_toAndFromRaw_works() throws Exception {
         KeyPairGenerator keyGen = KeyPairGenerator.getInstance("ML-DSA-65", conscryptProvider);
@@ -296,54 +374,6 @@ public void generateFromInvalidRawKey_throws() throws Exception {
         }
     }
 
-    /** Helper class to test KeyFactory.translateKey. */
-    static class TestPublicKey implements PublicKey {
-        public TestPublicKey(byte[] x509encoded) {
-            this.x509encoded = x509encoded;
-        }
-
-        private final byte[] x509encoded;
-
-        @Override
-        public String getAlgorithm() {
-            return "ML-DSA";
-        }
-
-        @Override
-        public String getFormat() {
-            return "X.509";
-        }
-
-        @Override
-        public byte[] getEncoded() {
-            return x509encoded;
-        }
-    }
-
-    /** Helper class to test KeyFactory.translateKey. */
-    static class TestPrivateKey implements PrivateKey {
-        public TestPrivateKey(byte[] pkcs8encoded) {
-            this.pkcs8encoded = pkcs8encoded;
-        }
-
-        private final byte[] pkcs8encoded;
-
-        @Override
-        public String getAlgorithm() {
-            return "ML-DSA";
-        }
-
-        @Override
-        public String getFormat() {
-            return "PKCS#8";
-        }
-
-        @Override
-        public byte[] getEncoded() {
-            return pkcs8encoded;
-        }
-    }
-
     @Test
     public void mldsa65KeyPair_x509AndPkcs8() throws Exception {
         KeyPairGenerator keyGen = KeyPairGenerator.getInstance("ML-DSA-65", conscryptProvider);
