moved NTRUPrime to always produce 256 bit secrets - relates to github #…
dghgit committed Dec 22, 2023
1 parent 4ee2ee5 commit db3ae60
Showing 6 changed files with 35 additions and 34 deletions.
@@ -1,6 +1,5 @@
package org.bouncycastle.pqc.crypto.ntruprime;

import org.bouncycastle.crypto.CipherParameters;
import org.bouncycastle.pqc.crypto.KEMParameters;

/**
Expand All @@ -11,19 +10,19 @@ public class NTRULPRimeParameters
{
public static final NTRULPRimeParameters ntrulpr653 = new NTRULPRimeParameters("ntrulpr653", 653, 4621, 252, 289,
2175, 113, 2031, 290,
865, 897, 1125, 16);
865, 897, 1125, 32);
public static final NTRULPRimeParameters ntrulpr761 = new NTRULPRimeParameters("ntrulpr761", 761, 4591, 250, 292,
2156, 114, 2007, 287,
1007, 1039, 1294, 16);
1007, 1039, 1294, 32);
public static final NTRULPRimeParameters ntrulpr857 = new NTRULPRimeParameters("ntrulpr857", 857, 5167, 281, 329,
2433, 101, 2265, 324,
1152, 1184, 1463, 16);
1152, 1184, 1463, 32);
public static final NTRULPRimeParameters ntrulpr953 = new NTRULPRimeParameters("ntrulpr953", 953, 6343, 345, 404,
2997, 82, 2798, 400,
1317, 1349, 1652, 24);
1317, 1349, 1652, 32);
public static final NTRULPRimeParameters ntrulpr1013 = new NTRULPRimeParameters("ntrulpr1013", 1013, 7177, 392, 450,
3367, 73, 3143, 449,
1423, 1455, 1773, 24);
1423, 1455, 1773, 32);
public static final NTRULPRimeParameters ntrulpr1277 = new NTRULPRimeParameters("ntrulpr1277", 1277, 7879, 429, 502,
3724, 66, 3469, 496,
1815, 1847, 2231, 32);
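Review bot: The last constructor argument is now the literal `32` in all six NTRULPRimeParameters sets, and nothing in the hunk says what it measures or why the smaller sets no longer use 16 or 24. A single named constant, for example `private static final int SECRET_BYTES = 32; // 256-bit shared secret for every set`, passed to each constructor call would document the value and keep the sets from drifting apart. The six constants in SNTRUPrimeParameters follow the same pattern. Because the secret length changes for the 653 to 1013 sets, a peer on an earlier build would presumably derive a secret of a different length, which is worth stating in the release notes.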
Expand Up @@ -9,15 +9,15 @@ public class SNTRUPrimeParameters
implements KEMParameters
{
public static final SNTRUPrimeParameters sntrup653 = new SNTRUPrimeParameters("sntrup653", 653, 4621, 288,
994, 865, 994, 1518, 16);
994, 865, 994, 1518, 32);
public static final SNTRUPrimeParameters sntrup761 = new SNTRUPrimeParameters("sntrup761", 761, 4591, 286,
1158, 1007, 1158, 1763, 16);
1158, 1007, 1158, 1763, 32);
public static final SNTRUPrimeParameters sntrup857 = new SNTRUPrimeParameters("sntrup857", 857, 5167, 322,
1322, 1152, 1322, 1999, 16);
1322, 1152, 1322, 1999, 32);
public static final SNTRUPrimeParameters sntrup953 = new SNTRUPrimeParameters("sntrup953", 953, 6343, 396,
1505, 1317, 1505, 2254, 24);
1505, 1317, 1505, 2254, 32);
public static final SNTRUPrimeParameters sntrup1013 = new SNTRUPrimeParameters("sntrup1013", 1013, 7177, 448,
1623, 1423, 1623, 2417, 24);
1623, 1423, 1623, 2417, 32);
public static final SNTRUPrimeParameters sntrup1277 = new SNTRUPrimeParameters("sntrup1277", 1277, 7879, 492,
2067, 1815, 2067, 3059, 32);

Expand Up @@ -25,6 +25,7 @@
import org.bouncycastle.crypto.Wrapper;
import org.bouncycastle.crypto.params.KeyParameter;
import org.bouncycastle.jcajce.spec.KEMParameterSpec;
import org.bouncycastle.jcajce.spec.KTSParameterSpec;
import org.bouncycastle.pqc.crypto.ntruprime.NTRULPRimeKEMExtractor;
import org.bouncycastle.pqc.crypto.ntruprime.NTRULPRimeKEMGenerator;
import org.bouncycastle.pqc.jcajce.provider.util.WrapUtil;
Expand All @@ -36,7 +37,7 @@ class NTRULPRimeCipherSpi
{
private final String algorithmName;
private NTRULPRimeKEMGenerator kemGen;
private KEMParameterSpec kemParameterSpec;
private KTSParameterSpec kemParameterSpec;
private BCNTRULPRimePublicKey wrapKey;
private BCNTRULPRimePrivateKey unwrapKey;
private AlgorithmParameters engineParams;
Expand Down Expand Up @@ -127,16 +128,16 @@ protected void engineInit(int opmode, Key key, AlgorithmParameterSpec paramSpec,
if (paramSpec == null)
{
// TODO: default should probably use shake.
kemParameterSpec = new KEMParameterSpec("AES-KWP");
kemParameterSpec = new KTSParameterSpec.Builder("AES-KWP", 256).build();
}
else
{
if (!(paramSpec instanceof KEMParameterSpec))
if (!(paramSpec instanceof KTSParameterSpec))
{
throw new InvalidAlgorithmParameterException(algorithmName + " can only accept KTSParameterSpec");
}

kemParameterSpec = (KEMParameterSpec)paramSpec;
kemParameterSpec = (KTSParameterSpec)paramSpec;
}

if (opmode == Cipher.WRAP_MODE)
Expand Down Expand Up @@ -232,7 +233,7 @@ protected byte[] engineWrap(

Wrapper kWrap = WrapUtil.getWrapper(kemParameterSpec.getKeyAlgorithmName());

KeyParameter keyParameter = new KeyParameter(secEnc.getSecret());
KeyParameter keyParameter = new KeyParameter(secEnc.getSecret(), 0, (kemParameterSpec.getKeySize() + 7) / 8);

kWrap.init(true, keyParameter);

Expand Down Expand Up @@ -277,7 +278,7 @@ protected Key engineUnwrap(

Wrapper kWrap = WrapUtil.getWrapper(kemParameterSpec.getKeyAlgorithmName());

KeyParameter keyParameter = new KeyParameter(secret);
KeyParameter keyParameter = new KeyParameter(secret, 0, (kemParameterSpec.getKeySize() + 7) / 8);

Arrays.clear(secret);
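Review bot: The key size that now sets the truncation length in `engineWrap` and `engineUnwrap` comes straight from the caller's `KTSParameterSpec`, while `engineInit` checks only the spec's type. With the parameter sets producing 32-byte secrets, a spec asking for more than 256 bits (or for zero) would presumably fail inside the `KeyParameter` constructor or the wrapper with an unchecked exception instead of being rejected at init. A check after the assignment in `engineInit`, such as `if (kemParameterSpec.getKeySize() <= 0 || kemParameterSpec.getKeySize() > 256) throw new InvalidAlgorithmParameterException(algorithmName + " key size must be between 1 and 256 bits");`, would reject it early, and a lower bound matching the smallest key the supported wrappers take would stop a caller from ending up with a very short key unnoticed. SNTRUPrimeCipherSpi carries the same code, and the method bodies continue outside the hunks shown.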

Expand Up @@ -24,8 +24,7 @@
import org.bouncycastle.crypto.SecretWithEncapsulation;
import org.bouncycastle.crypto.Wrapper;
import org.bouncycastle.crypto.params.KeyParameter;
import org.bouncycastle.jcajce.spec.KEMParameterSpec;
import org.bouncycastle.pqc.crypto.ntruprime.NTRULPRimeKEMGenerator;
import org.bouncycastle.jcajce.spec.KTSParameterSpec;
import org.bouncycastle.pqc.crypto.ntruprime.SNTRUPrimeKEMExtractor;
import org.bouncycastle.pqc.crypto.ntruprime.SNTRUPrimeKEMGenerator;
import org.bouncycastle.pqc.jcajce.provider.util.WrapUtil;
Expand All @@ -37,7 +36,7 @@ class SNTRUPrimeCipherSpi
{
private final String algorithmName;
private SNTRUPrimeKEMGenerator kemGen;
private KEMParameterSpec kemParameterSpec;
private KTSParameterSpec kemParameterSpec;
private BCSNTRUPrimePublicKey wrapKey;
private BCSNTRUPrimePrivateKey unwrapKey;
private AlgorithmParameters engineParams;
Expand Down Expand Up @@ -128,16 +127,16 @@ protected void engineInit(int opmode, Key key, AlgorithmParameterSpec paramSpec,
if (paramSpec == null)
{
// TODO: default should probably use shake.
kemParameterSpec = new KEMParameterSpec("AES-KWP");
kemParameterSpec = new KTSParameterSpec.Builder("AES-KWP", 256).build();
}
else
{
if (!(paramSpec instanceof KEMParameterSpec))
if (!(paramSpec instanceof KTSParameterSpec))
{
throw new InvalidAlgorithmParameterException(algorithmName + " can only accept KTSParameterSpec");
}

kemParameterSpec = (KEMParameterSpec)paramSpec;
kemParameterSpec = (KTSParameterSpec)paramSpec;
}

if (opmode == Cipher.WRAP_MODE)
Expand Down Expand Up @@ -179,7 +178,7 @@ protected void engineInit(int opmode, Key key, AlgorithmParameters algorithmPara
{
try
{
paramSpec = algorithmParameters.getParameterSpec(KEMParameterSpec.class);
paramSpec = algorithmParameters.getParameterSpec(KTSParameterSpec.class);
}
catch (Exception e)
{
Expand Down Expand Up @@ -233,7 +232,7 @@ protected byte[] engineWrap(

Wrapper kWrap = WrapUtil.getWrapper(kemParameterSpec.getKeyAlgorithmName());

KeyParameter keyParameter = new KeyParameter(secEnc.getSecret());
KeyParameter keyParameter = new KeyParameter(secEnc.getSecret(), 0, (kemParameterSpec.getKeySize() + 7) / 8);

kWrap.init(true, keyParameter);

Expand Down Expand Up @@ -278,7 +277,7 @@ protected Key engineUnwrap(

Wrapper kWrap = WrapUtil.getWrapper(kemParameterSpec.getKeyAlgorithmName());

KeyParameter keyParameter = new KeyParameter(secret);
KeyParameter keyParameter = new KeyParameter(secret, 0, (kemParameterSpec.getKeySize() + 7) / 8);

Arrays.clear(secret);
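Review bot: In `engineWrap` the array returned by `secEnc.getSecret()` is passed straight into the `KeyParameter` constructor, so no reference is left to wipe, whereas `engineUnwrap` clears its `secret` right after building the key. If `getSecret()` returns a copy, that copy of the full 32-byte secret stays on the heap until it is collected, unless it is cleaned up further down outside the hunk. Holding it in a local and clearing it would mirror the unwrap path: `byte[] secret = secEnc.getSecret();`, then `new KeyParameter(secret, 0, (kemParameterSpec.getKeySize() + 7) / 8)`, then `Arrays.clear(secret);`. The wrap path in NTRULPRimeCipherSpi reads the same way.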

Expand Up @@ -16,6 +16,7 @@
import org.bouncycastle.jcajce.spec.KEMExtractSpec;
import org.bouncycastle.jcajce.spec.KEMGenerateSpec;
import org.bouncycastle.jcajce.spec.KEMParameterSpec;
import org.bouncycastle.jcajce.spec.KTSParameterSpec;
import org.bouncycastle.pqc.jcajce.provider.BouncyCastlePQCProvider;
import org.bouncycastle.pqc.jcajce.spec.NTRULPRimeParameterSpec;
import org.bouncycastle.util.Arrays;
Expand Down Expand Up @@ -65,7 +66,7 @@ public void testBasicKEMSEED()
KeyPairGenerator kpg = KeyPairGenerator.getInstance("NTRULPRime", "BCPQC");
kpg.initialize(NTRULPRimeParameterSpec.ntrulpr653, new SecureRandom());

performKEMScipher(kpg.generateKeyPair(), "NTRULPRime", new KEMParameterSpec("SEED"));
performKEMScipher(kpg.generateKeyPair(), "NTRULPRime", new KTSParameterSpec.Builder("SEED", 128).build());
}

public void testBasicKEMARIA()
Expand All @@ -78,7 +79,7 @@ public void testBasicKEMARIA()
performKEMScipher(kpg.generateKeyPair(), "NTRULPRime", new KEMParameterSpec("ARIA-KWP"));
}

private void performKEMScipher(KeyPair kp, String algorithm, KEMParameterSpec ktsParameterSpec)
private void performKEMScipher(KeyPair kp, String algorithm, KTSParameterSpec ktsParameterSpec)
throws Exception
{
Cipher w1 = Cipher.getInstance(algorithm, "BCPQC");
Expand Down Expand Up @@ -122,7 +123,7 @@ public void testGenerateAES()
SecretKeyWithEncapsulation secEnc1 = (SecretKeyWithEncapsulation)keyGen.generateKey();

assertEquals("AES", secEnc1.getAlgorithm());
assertEquals(16, secEnc1.getEncoded().length);
assertEquals(32, secEnc1.getEncoded().length);

keyGen.init(new KEMExtractSpec(kp.getPrivate(), secEnc1.getEncapsulation(), "AES"), new SecureRandom());
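Review bot: `testBasicKEMSEED` had to switch to an explicit 128-bit spec, which suggests that a caller still passing `new KEMParameterSpec("SEED")` now gets a key the SEED wrapper rejects, presumably because the one-argument spec defaults to a larger key size than the old 16-byte secret supplied. None of the test changes cover that behaviour. A negative test that initialises the cipher with a key size the secret or the wrapper cannot serve, and asserts the exception type, would document the change for users and guard any validation added later. SNTRUPrimeTest has the same gap.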

Expand Up @@ -16,6 +16,7 @@
import org.bouncycastle.jcajce.spec.KEMExtractSpec;
import org.bouncycastle.jcajce.spec.KEMGenerateSpec;
import org.bouncycastle.jcajce.spec.KEMParameterSpec;
import org.bouncycastle.jcajce.spec.KTSParameterSpec;
import org.bouncycastle.pqc.jcajce.provider.BouncyCastlePQCProvider;
import org.bouncycastle.pqc.jcajce.spec.SNTRUPrimeParameterSpec;
import org.bouncycastle.util.Arrays;
Expand Down Expand Up @@ -55,8 +56,8 @@ public void testBasicKEMCamellia()
KeyPairGenerator kpg = KeyPairGenerator.getInstance("SNTRUPrime", "BCPQC");
kpg.initialize(SNTRUPrimeParameterSpec.sntrup653, new SecureRandom());

performKEMScipher(kpg.generateKeyPair(), "SNTRUPrime", new KEMParameterSpec("Camellia"));
performKEMScipher(kpg.generateKeyPair(), "SNTRUPrime", new KEMParameterSpec("Camellia-KWP"));
performKEMScipher(kpg.generateKeyPair(), "SNTRUPrime", new KTSParameterSpec.Builder("Camellia", 256).build());
performKEMScipher(kpg.generateKeyPair(), "SNTRUPrime", new KTSParameterSpec.Builder("Camellia-KWP", 256).build());
}

public void testBasicKEMSEED()
Expand All @@ -65,7 +66,7 @@ public void testBasicKEMSEED()
KeyPairGenerator kpg = KeyPairGenerator.getInstance("SNTRUPrime", "BCPQC");
kpg.initialize(SNTRUPrimeParameterSpec.sntrup653, new SecureRandom());

performKEMScipher(kpg.generateKeyPair(), "SNTRUPrime", new KEMParameterSpec("SEED"));
performKEMScipher(kpg.generateKeyPair(), "SNTRUPrime", new KTSParameterSpec.Builder("SEED", 128).build());
}

public void testBasicKEMARIA()
Expand All @@ -78,7 +79,7 @@ public void testBasicKEMARIA()
performKEMScipher(kpg.generateKeyPair(), "SNTRUPrime", new KEMParameterSpec("ARIA-KWP"));
}

private void performKEMScipher(KeyPair kp, String algorithm, KEMParameterSpec ktsParameterSpec)
private void performKEMScipher(KeyPair kp, String algorithm, KTSParameterSpec ktsParameterSpec)
throws Exception
{
Cipher w1 = Cipher.getInstance(algorithm, "BCPQC");
Expand Down Expand Up @@ -122,7 +123,7 @@ public void testGenerateAES()
SecretKeyWithEncapsulation secEnc1 = (SecretKeyWithEncapsulation)keyGen.generateKey();

assertEquals("AES", secEnc1.getAlgorithm());
assertEquals(16, secEnc1.getEncoded().length);
assertEquals(32, secEnc1.getEncoded().length);

keyGen.init(new KEMExtractSpec(kp.getPrivate(), secEnc1.getEncapsulation(), "AES"), new SecureRandom());
