diff options
| author | David Hook <dgh@cryptoworkshop.com> | 2022-08-09 10:43:02 +1000 |
|---|---|---|
| committer | David Hook <dgh@cryptoworkshop.com> | 2022-08-09 10:43:02 +1000 |
| commit | 7ac5df05768d9c65d227278559723360292b9cb8 (patch) | |
| tree | 568828c31776353507a647f9f176c03904b3e782 | |
| parent | minor refactoring (diff) | |
| download | BouncyCastle.NET-ed25519-7ac5df05768d9c65d227278559723360292b9cb8.tar.xz | |
split NtruPrime into SNtruPrime, NtruLPRime
22 files changed, 631 insertions, 251 deletions
diff --git a/crypto/src/pqc/crypto/ntruprime/NtruLPRimeKemExtractor.cs b/crypto/src/pqc/crypto/ntruprime/NtruLPRimeKemExtractor.cs new file mode 100644 index 000000000..34f152994 --- /dev/null +++ b/crypto/src/pqc/crypto/ntruprime/NtruLPRimeKemExtractor.cs @@ -0,0 +1,34 @@ +using Org.BouncyCastle.Crypto; + +namespace Org.BouncyCastle.Pqc.Crypto.NtruPrime +{ + public class NtruLPRimeKemExtractor : IEncapsulatedSecretExtractor + { + private NtruPrimeEngine _primeEngine; + private readonly NtruLPRimeKeyParameters _primeKey; + + public NtruLPRimeKemExtractor(NtruLPRimeKeyParameters privParams) + { + this._primeKey = privParams; + InitCipher(_primeKey.Parameters); + } + + private void InitCipher(NtruLPRimeParameters param) + { + _primeEngine = param.PrimeEngine; + } + + public byte[] ExtractSecret(byte[] encapsulation) + { + byte[] session_key = new byte[_primeEngine.SessionKeySize]; + _primeEngine.kem_dec(session_key, encapsulation, ((NtruLPRimePrivateKeyParameters)_primeKey).privKey); + return session_key; + } + + public int GetInputSize() + { + return _primeEngine.CipherTextSize; + } + + } +} diff --git a/crypto/src/pqc/crypto/ntruprime/NtruPrimeKemGenerator.cs b/crypto/src/pqc/crypto/ntruprime/NtruLPRimeKemGenerator.cs index 9c2e0461b..d7c52e357 100644 --- a/crypto/src/pqc/crypto/ntruprime/NtruPrimeKemGenerator.cs +++ b/crypto/src/pqc/crypto/ntruprime/NtruLPRimeKemGenerator.cs @@ -5,23 +5,23 @@ using Org.BouncyCastle.Utilities; namespace Org.BouncyCastle.Pqc.Crypto.NtruPrime { - public class NtruPrimeKemGenerator : IEncapsulatedSecretGenerator + public class NtruLPRimeKemGenerator : IEncapsulatedSecretGenerator { private SecureRandom sr; - public NtruPrimeKemGenerator(SecureRandom sr) + public NtruLPRimeKemGenerator(SecureRandom sr) { this.sr = sr; } public ISecretWithEncapsulation GenerateEncapsulated(AsymmetricKeyParameter recipientKey) { - NtruPrimePublicKeyParameters key = (NtruPrimePublicKeyParameters)recipientKey; - NtruPrimeEngine pEngine = key.Parameters.PEngine; - byte[] cipherText = new byte[pEngine.CipherTextSize]; - byte[] sessionKey = new byte[pEngine.SessionKeySize]; - pEngine.kem_enc(cipherText, sessionKey,key.pubKey, sr); - return new NtruPrimeKemGenerator.SecretWithEncapsulationImpl(sessionKey, cipherText); + NtruLPRimePublicKeyParameters key = (NtruLPRimePublicKeyParameters)recipientKey; + NtruPrimeEngine primeEngine = key.Parameters.PrimeEngine; + byte[] cipherText = new byte[primeEngine.CipherTextSize]; + byte[] sessionKey = new byte[primeEngine.SessionKeySize]; + primeEngine.kem_enc(cipherText, sessionKey,key.pubKey, sr); + return new NtruLPRimeKemGenerator.SecretWithEncapsulationImpl(sessionKey, cipherText); } public class SecretWithEncapsulationImpl : ISecretWithEncapsulation diff --git a/crypto/src/pqc/crypto/ntruprime/NtruLPRimeKeyGenerationParameters.cs b/crypto/src/pqc/crypto/ntruprime/NtruLPRimeKeyGenerationParameters.cs new file mode 100644 index 000000000..cc9264f7f --- /dev/null +++ b/crypto/src/pqc/crypto/ntruprime/NtruLPRimeKeyGenerationParameters.cs @@ -0,0 +1,18 @@ +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Pqc.Crypto.NtruPrime +{ + public class NtruLPRimeKeyGenerationParameters : KeyGenerationParameters + { + private NtruLPRimeParameters _primeParameters; + + public NtruLPRimeKeyGenerationParameters(SecureRandom random, NtruLPRimeParameters ntruPrimeParameters) : base(random,256) + { + this._primeParameters = ntruPrimeParameters; + } + + public NtruLPRimeParameters Parameters => _primeParameters; + + } +} diff --git a/crypto/src/pqc/crypto/ntruprime/NtruLPRimeKeyPairGenerator.cs b/crypto/src/pqc/crypto/ntruprime/NtruLPRimeKeyPairGenerator.cs new file mode 100644 index 000000000..83e2f24ac --- /dev/null +++ b/crypto/src/pqc/crypto/ntruprime/NtruLPRimeKeyPairGenerator.cs @@ -0,0 +1,49 @@ +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Pqc.Crypto.NtruPrime +{ + public class NtruLPRimeKeyPairGenerator + { + private NtruLPRimeKeyGenerationParameters _ntruPrimeParams; + + private int p; + private int q; + + private SecureRandom random; + + private void Initialize(KeyGenerationParameters param) + { + _ntruPrimeParams = (NtruLPRimeKeyGenerationParameters) param; + random = param.Random; + + // n = ntruParams.Parameters.N; + + p = _ntruPrimeParams.Parameters.P; + q = _ntruPrimeParams.Parameters.Q; + + } + + private AsymmetricCipherKeyPair GenKeyPair() + { + NtruPrimeEngine primeEngine = _ntruPrimeParams.Parameters.PrimeEngine; + byte[] sk = new byte[primeEngine.PrivateKeySize]; + byte[] pk = new byte[primeEngine.PublicKeySize]; + primeEngine.kem_keypair( pk,sk,random); + + NtruLPRimePublicKeyParameters pubKey = new NtruLPRimePublicKeyParameters(_ntruPrimeParams.Parameters, pk); + NtruLPRimePrivateKeyParameters privKey = new NtruLPRimePrivateKeyParameters(_ntruPrimeParams.Parameters, sk); + return new AsymmetricCipherKeyPair(pubKey, privKey); + } + + public void Init(KeyGenerationParameters param) + { + this.Initialize(param); + } + + public AsymmetricCipherKeyPair GenerateKeyPair() + { + return GenKeyPair(); + } + } +} diff --git a/crypto/src/pqc/crypto/ntruprime/NtruLPRimeKeyParameters.cs b/crypto/src/pqc/crypto/ntruprime/NtruLPRimeKeyParameters.cs new file mode 100644 index 000000000..da38bf4d8 --- /dev/null +++ b/crypto/src/pqc/crypto/ntruprime/NtruLPRimeKeyParameters.cs @@ -0,0 +1,17 @@ +using Org.BouncyCastle.Crypto; + +namespace Org.BouncyCastle.Pqc.Crypto.NtruPrime +{ + public class NtruLPRimeKeyParameters : AsymmetricKeyParameter + { + private NtruLPRimeParameters _primeParameters; + + public NtruLPRimeKeyParameters(bool isPrivate, NtruLPRimeParameters primeParameters) : base(isPrivate) + { + this._primeParameters = primeParameters; + } + + public NtruLPRimeParameters Parameters => _primeParameters; + + } +} diff --git a/crypto/src/pqc/crypto/ntruprime/NtruLPRimeParameters.cs b/crypto/src/pqc/crypto/ntruprime/NtruLPRimeParameters.cs new file mode 100644 index 000000000..6b12785bd --- /dev/null +++ b/crypto/src/pqc/crypto/ntruprime/NtruLPRimeParameters.cs @@ -0,0 +1,65 @@ +using System; +using System.ComponentModel; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Crypto.Digests; +using Org.BouncyCastle.Crypto.Modes; + +namespace Org.BouncyCastle.Pqc.Crypto.NtruPrime +{ + public class NtruLPRimeParameters : ICipherParameters + { + + private String name; + private int p; + private int q; + private int _roundedBytes; + private bool LPR; + private int _w; + private int _rqBytes; + private int _tau0; + private int _tau1; + private int _tau2; + private int _tau3; + private int _skBytes; + private int _pkBytes; + private int _ctBytes; + private NtruPrimeEngine _primeEngine; + + private NtruLPRimeParameters(String name, int p, int q, bool LPR, int w, int tau0, + int tau1, int tau2, int tau3, int skBytes, int pkBytes, int ctBytes, int roundedBytes, int rqBytes) + { + this.name = name; + this.p = p; + this.q = q; + this.LPR = LPR; + this._w = w; + this._tau0 = tau0; + this._tau1 = tau1; + this._tau2 = tau2; + this._tau3 = tau3; + + // KEM Parameters + this._roundedBytes = roundedBytes; + this._rqBytes = rqBytes; + this._skBytes = skBytes; + this._pkBytes = pkBytes; + this._ctBytes = ctBytes; + this._primeEngine = new NtruPrimeEngine(p,q, LPR, w, tau0, tau1, tau2, tau3, skBytes, pkBytes, ctBytes, roundedBytes, rqBytes); + } + + public static NtruLPRimeParameters ntrulpr653 = new NtruLPRimeParameters("NTRU_LPRime_653", 653, 4621, true, 252, 2175,113,2031,290,1125,897,1025, 865, -1); + public static NtruLPRimeParameters ntrulpr761 = new NtruLPRimeParameters("NTRU_LPRime_761", 761, 4591, true, 250, 2156,114,2007,287,1294,1039,1167, 1007, -1); + public static NtruLPRimeParameters ntrulpr857 = new NtruLPRimeParameters("NTRU_LPRime_857", 857, 5167, true, 281, 2433,101,2265,324,1463,1184,1312, 1152, -1); + public static NtruLPRimeParameters ntrulpr953 = new NtruLPRimeParameters("NTRU_LPRime_953", 953, 6343, true, 345, 2997,82,2798,400,1652,1349,1477, 1317, -1); + public static NtruLPRimeParameters ntrulpr1013 = new NtruLPRimeParameters("NTRU_LPRime_1013", 1013, 7177, true, 392, 3367,73,3143,449,1773,1455,1583, 1423, -1); + public static NtruLPRimeParameters ntrulpr1277 = new NtruLPRimeParameters("NTRU_LPRime_1277", 1277, 7879, true, 429, 3724,66,3469,496,2231,1847,1975, 1815, -1); + + public int P => p; + public bool lpr => LPR; + + public int Q => q; + + internal NtruPrimeEngine PrimeEngine => _primeEngine; + + } +} diff --git a/crypto/src/pqc/crypto/ntruprime/NtruPrimePrivateKeyParameters.cs b/crypto/src/pqc/crypto/ntruprime/NtruLPRimePrivateKeyParameters.cs index 69cfc4744..1164ab197 100644 --- a/crypto/src/pqc/crypto/ntruprime/NtruPrimePrivateKeyParameters.cs +++ b/crypto/src/pqc/crypto/ntruprime/NtruLPRimePrivateKeyParameters.cs @@ -3,18 +3,23 @@ using Org.BouncyCastle.Utilities; namespace Org.BouncyCastle.Pqc.Crypto.NtruPrime { - public class NtruPrimePrivateKeyParameters : NtruPrimeKeyParameters + public class NtruLPRimePrivateKeyParameters : NtruLPRimeKeyParameters { internal byte[] privKey; - public NtruPrimePrivateKeyParameters(NtruPrimeParameters pParameters, byte[] privKey) : base(true, pParameters) + public byte[] GetPrivateKey() + { + return Arrays.Clone(privKey); + } + + public NtruLPRimePrivateKeyParameters(NtruLPRimeParameters primeParameters, byte[] privKey) : base(true, primeParameters) { this.privKey = Arrays.Clone(privKey); } public byte[] GetEncoded() { - return Arrays.Clone(privKey); + return GetPrivateKey(); } } } diff --git a/crypto/src/pqc/crypto/ntruprime/NtruPrimePublicKeyParameters.cs b/crypto/src/pqc/crypto/ntruprime/NtruLPRimePublicKeyParameters.cs index 265382455..9566165d1 100644 --- a/crypto/src/pqc/crypto/ntruprime/NtruPrimePublicKeyParameters.cs +++ b/crypto/src/pqc/crypto/ntruprime/NtruLPRimePublicKeyParameters.cs @@ -2,16 +2,21 @@ using Org.BouncyCastle.Utilities; namespace Org.BouncyCastle.Pqc.Crypto.NtruPrime { - public class NtruPrimePublicKeyParameters : NtruPrimeKeyParameters + public class NtruLPRimePublicKeyParameters : NtruLPRimeKeyParameters { internal byte[] pubKey; - public byte[] GetEncoded() + public byte[] GetPublicKey() { return Arrays.Clone(pubKey); } - public NtruPrimePublicKeyParameters(NtruPrimeParameters pParameters, byte[] pubKey) : base(false,pParameters) + public byte[] GetEncoded() + { + return GetPublicKey(); + } + + public NtruLPRimePublicKeyParameters(NtruLPRimeParameters primeParameters, byte[] pubKey) : base(false,primeParameters) { this.pubKey = Arrays.Clone(pubKey); } diff --git a/crypto/src/pqc/crypto/ntruprime/NtruPrimeKemExtractor.cs b/crypto/src/pqc/crypto/ntruprime/NtruPrimeKemExtractor.cs deleted file mode 100644 index 7ae67db50..000000000 --- a/crypto/src/pqc/crypto/ntruprime/NtruPrimeKemExtractor.cs +++ /dev/null @@ -1,35 +0,0 @@ -using Org.BouncyCastle.Crypto; -using Org.BouncyCastle.Pqc.Crypto.Frodo; - -namespace Org.BouncyCastle.Pqc.Crypto.NtruPrime -{ - public class NtruPrimeKemExtractor : IEncapsulatedSecretExtractor - { - private NtruPrimeEngine _pEngine; - private NtruPrimeKeyParameters _pKey; - - public NtruPrimeKemExtractor(NtruPrimeKeyParameters privParams) - { - this._pKey = privParams; - InitCipher(_pKey.Parameters); - } - - private void InitCipher(NtruPrimeParameters param) - { - _pEngine = param.PEngine; - } - - public byte[] ExtractSecret(byte[] encapsulation) - { - byte[] session_key = new byte[_pEngine.SessionKeySize]; - _pEngine.kem_dec(session_key, encapsulation, ((NtruPrimePrivateKeyParameters)_pKey).privKey); - return session_key; - } - - public int GetInputSize() - { - return _pEngine.CipherTextSize; - } - - } -} diff --git a/crypto/src/pqc/crypto/ntruprime/NtruPrimeKeyGenerationParameters.cs b/crypto/src/pqc/crypto/ntruprime/NtruPrimeKeyGenerationParameters.cs deleted file mode 100644 index 56e7315ae..000000000 --- a/crypto/src/pqc/crypto/ntruprime/NtruPrimeKeyGenerationParameters.cs +++ /dev/null @@ -1,18 +0,0 @@ -using Org.BouncyCastle.Crypto; -using Org.BouncyCastle.Security; - -namespace Org.BouncyCastle.Pqc.Crypto.NtruPrime -{ - public class NtruKeyGenerationParameters : KeyGenerationParameters - { - private NtruPrimeParameters _pParameters; - - public NtruKeyGenerationParameters(SecureRandom random, NtruPrimeParameters ntruPParameters) : base(random,256) - { - this._pParameters = ntruPParameters; - } - - public NtruPrimeParameters PParameters => _pParameters; - - } -} diff --git a/crypto/src/pqc/crypto/ntruprime/NtruPrimeKeyPairGenerator.cs b/crypto/src/pqc/crypto/ntruprime/NtruPrimeKeyPairGenerator.cs deleted file mode 100644 index eff4828f8..000000000 --- a/crypto/src/pqc/crypto/ntruprime/NtruPrimeKeyPairGenerator.cs +++ /dev/null @@ -1,69 +0,0 @@ -using Org.BouncyCastle.Crypto; -using Org.BouncyCastle.Security; - -namespace Org.BouncyCastle.Pqc.Crypto.NtruPrime -{ - public class NtruKeyPairGenerator - { - private NtruKeyGenerationParameters ntruParams; - - private int p; - private int q; - - private SecureRandom random; - - private void Initialize(KeyGenerationParameters param) - { - ntruParams = (NtruKeyGenerationParameters) param; - random = param.Random; - - // n = ntruParams.Parameters.N; - - p = ntruParams.PParameters.P; - q = ntruParams.PParameters.Q; - - } - - private AsymmetricCipherKeyPair GenKeyPair() - { - NtruPrimeEngine pEngine = ntruParams.PParameters.PEngine; - byte[] sk = new byte[pEngine.PrivateKeySize]; - byte[] pk = new byte[pEngine.PublicKeySize]; - pEngine.kem_keypair( pk,sk,random); - - NtruPrimePublicKeyParameters pubKey = new NtruPrimePublicKeyParameters(ntruParams.PParameters, pk); - NtruPrimePrivateKeyParameters privKey = new NtruPrimePrivateKeyParameters(ntruParams.PParameters, sk); - return new AsymmetricCipherKeyPair(pubKey, privKey); - } - - public void Init(KeyGenerationParameters param) - { - this.Initialize(param); - } - - public AsymmetricCipherKeyPair GenerateKeyPair() - { - return GenKeyPair(); - } - - // private AsymmetricCipherKeyPair GenKeyPair() - // { - // NtruEngine engine = ntruParams.Parameters.Engine; - // byte[] sk = new byte[engine.PrivateKeySize]; - // byte[] pk = new byte[engine.PublicKeySize]; - // - // - // } - // - // public void Init(KeyGenerationParameters param) - // { - // this.Initialize(param); - // } - // - // public AsymmetricCipherKeyPair GenerateKeyPair() - // { - // return GenKeyPair(); - // } - - } -} diff --git a/crypto/src/pqc/crypto/ntruprime/NtruPrimeKeyParameters.cs b/crypto/src/pqc/crypto/ntruprime/NtruPrimeKeyParameters.cs deleted file mode 100644 index fb77d8567..000000000 --- a/crypto/src/pqc/crypto/ntruprime/NtruPrimeKeyParameters.cs +++ /dev/null @@ -1,17 +0,0 @@ -using Org.BouncyCastle.Crypto; - -namespace Org.BouncyCastle.Pqc.Crypto.NtruPrime -{ - public class NtruPrimeKeyParameters : AsymmetricKeyParameter - { - private NtruPrimeParameters _pParameters; - - public NtruPrimeKeyParameters(bool isPrivate, NtruPrimeParameters pParameters) : base(isPrivate) - { - this._pParameters = pParameters; - } - - public NtruPrimeParameters Parameters => _pParameters; - - } -} diff --git a/crypto/src/pqc/crypto/ntruprime/NtruPrimeParameters.cs b/crypto/src/pqc/crypto/ntruprime/NtruPrimeParameters.cs deleted file mode 100644 index 3cf691565..000000000 --- a/crypto/src/pqc/crypto/ntruprime/NtruPrimeParameters.cs +++ /dev/null @@ -1,72 +0,0 @@ -using System; -using System.ComponentModel; -using Org.BouncyCastle.Crypto; -using Org.BouncyCastle.Crypto.Digests; -using Org.BouncyCastle.Crypto.Modes; - -namespace Org.BouncyCastle.Pqc.Crypto.NtruPrime -{ - public class NtruPrimeParameters : ICipherParameters - { - - private String name; - private int p; - private int q; - private int _roundedBytes; - private bool LPR; - private int _w; - private int _rqBytes; - private int _tau0; - private int _tau1; - private int _tau2; - private int _tau3; - private int _skBytes; - private int _pkBytes; - private int _ctBytes; - private NtruPrimeEngine _pEngine; - - public NtruPrimeParameters(String name, int p, int q, bool LPR, int w, int tau0, - int tau1, int tau2, int tau3, int skBytes, int pkBytes, int ctBytes, int roundedBytes, int rqBytes) - { - this.name = name; - this.p = p; - this.q = q; - this.LPR = LPR; - this._w = w; - this._tau0 = tau0; - this._tau1 = tau1; - this._tau2 = tau2; - this._tau3 = tau3; - - // KEM Parameters - this._roundedBytes = roundedBytes; - this._rqBytes = rqBytes; - this._skBytes = skBytes; - this._pkBytes = pkBytes; - this._ctBytes = ctBytes; - this._pEngine = new NtruPrimeEngine(p,q, LPR, w, tau0, tau1, tau2, tau3, skBytes, pkBytes, ctBytes, roundedBytes, rqBytes); - } - - public static NtruPrimeParameters ntrulpr653 = new NtruPrimeParameters("NTRU_LPRime_653", 653, 4621, true, 252, 2175,113,2031,290,1125,897,1025, 865, -1); - public static NtruPrimeParameters ntrulpr761 = new NtruPrimeParameters("NTRU_LPRime_761", 761, 4591, true, 250, 2156,114,2007,287,1294,1039,1167, 1007, -1); - public static NtruPrimeParameters ntrulpr857 = new NtruPrimeParameters("NTRU_LPRime_857", 857, 5167, true, 281, 2433,101,2265,324,1463,1184,1312, 1152, -1); - public static NtruPrimeParameters ntrulpr953 = new NtruPrimeParameters("NTRU_LPRime_953", 953, 6343, true, 345, 2997,82,2798,400,1652,1349,1477, 1317, -1); - public static NtruPrimeParameters ntrulpr1013 = new NtruPrimeParameters("NTRU_LPRime_1013", 1013, 7177, true, 392, 3367,73,3143,449,1773,1455,1583, 1423, -1); - public static NtruPrimeParameters ntrulpr1277 = new NtruPrimeParameters("NTRU_LPRime_1277", 1277, 7879, true, 429, 3724,66,3469,496,2231,1847,1975, 1815, -1); - - public static NtruPrimeParameters sntrup653 = new NtruPrimeParameters("SNTRU_Prime_653", 653, 4621, false, 288, -1,-1,-1,-1,1518,994,897, 865, 994); - public static NtruPrimeParameters sntrup761 = new NtruPrimeParameters("SNTRU_Prime_761", 761, 4591, false, 286, -1,-1,-1,-1,1763,1158,1039, 1007, 1158); - public static NtruPrimeParameters sntrup857 = new NtruPrimeParameters("SNTRU_Prime_857", 857, 5167, false, 322, -1,-1,-1,-1,1999,1322,1184, 1152, 1322); - public static NtruPrimeParameters sntrup953 = new NtruPrimeParameters("SNTRU_Prime_953", 953, 6343, false, 396, -1,-1,-1,-1,2254,1505,1349, 1317, 1505); - public static NtruPrimeParameters sntrup1013 = new NtruPrimeParameters("SNTRU_Prime_1013", 1013, 7177, false, 448, -1,-1,-1,-1,2417,1623,1455, 1423, 1623); - public static NtruPrimeParameters sntrup1277 = new NtruPrimeParameters("SNTRU_Prime_1277", 1277, 7879, false, 492, -1,-1,-1,-1,3059,2067,1847, 1815, 2067); - - public int P => p; - public bool lpr => LPR; - - public int Q => q; - - internal NtruPrimeEngine PEngine => _pEngine; - - } -} diff --git a/crypto/src/pqc/crypto/ntruprime/SNtruPrimeKemExtractor.cs b/crypto/src/pqc/crypto/ntruprime/SNtruPrimeKemExtractor.cs new file mode 100644 index 000000000..15f144ac2 --- /dev/null +++ b/crypto/src/pqc/crypto/ntruprime/SNtruPrimeKemExtractor.cs @@ -0,0 +1,34 @@ +using Org.BouncyCastle.Crypto; + +namespace Org.BouncyCastle.Pqc.Crypto.NtruPrime +{ + public class SNtruPrimeKemExtractor : IEncapsulatedSecretExtractor + { + private NtruPrimeEngine _primeEngine; + private readonly SNtruPrimeKeyParameters _primeKey; + + public SNtruPrimeKemExtractor(SNtruPrimeKeyParameters privParams) + { + this._primeKey = privParams; + InitCipher(_primeKey.Parameters); + } + + private void InitCipher(SNtruPrimeParameters param) + { + _primeEngine = param.PrimeEngine; + } + + public byte[] ExtractSecret(byte[] encapsulation) + { + byte[] session_key = new byte[_primeEngine.SessionKeySize]; + _primeEngine.kem_dec(session_key, encapsulation, ((SNtruPrimePrivateKeyParameters)_primeKey).privKey); + return session_key; + } + + public int GetInputSize() + { + return _primeEngine.CipherTextSize; + } + + } +} diff --git a/crypto/src/pqc/crypto/ntruprime/SNtruPrimeKemGenerator.cs b/crypto/src/pqc/crypto/ntruprime/SNtruPrimeKemGenerator.cs new file mode 100644 index 000000000..43ca38b09 --- /dev/null +++ b/crypto/src/pqc/crypto/ntruprime/SNtruPrimeKemGenerator.cs @@ -0,0 +1,77 @@ +using System; +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Security; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Pqc.Crypto.NtruPrime +{ + public class SNtruPrimeKemGenerator : IEncapsulatedSecretGenerator + { + private SecureRandom sr; + + public SNtruPrimeKemGenerator(SecureRandom sr) + { + this.sr = sr; + } + + public ISecretWithEncapsulation GenerateEncapsulated(AsymmetricKeyParameter recipientKey) + { + SNtruPrimePublicKeyParameters key = (SNtruPrimePublicKeyParameters)recipientKey; + NtruPrimeEngine primeEngine = key.Parameters.PrimeEngine; + byte[] cipherText = new byte[primeEngine.CipherTextSize]; + byte[] sessionKey = new byte[primeEngine.SessionKeySize]; + primeEngine.kem_enc(cipherText, sessionKey,key.pubKey, sr); + return new NtruLPRimeKemGenerator.SecretWithEncapsulationImpl(sessionKey, cipherText); + } + + public class SecretWithEncapsulationImpl : ISecretWithEncapsulation + { + private volatile bool hasBeenDestroyed = false; + + private byte[] sessionKey; + private byte[] cipherText; + + public SecretWithEncapsulationImpl(byte[] sessionKey, byte[] cipherText) + { + this.sessionKey = sessionKey; + this.cipherText = cipherText; + } + + public byte[] GetSecret() + { + CheckDestroyed(); + return Arrays.Clone(sessionKey); + } + + public byte[] GetEncapsulation() + { + return Arrays.Clone(cipherText); + } + + public void Dispose() + { + if (!hasBeenDestroyed) + { + hasBeenDestroyed = true; + Arrays.Clear(sessionKey); + Arrays.Clear(cipherText); + } + } + + public bool IsDestroyed() + { + return hasBeenDestroyed; + } + + void CheckDestroyed() + { + if (IsDestroyed()) + { + throw new Exception("data has been destroyed"); + } + } + + } + + } +} diff --git a/crypto/src/pqc/crypto/ntruprime/SNtruPrimeKeyGenerationParameters.cs b/crypto/src/pqc/crypto/ntruprime/SNtruPrimeKeyGenerationParameters.cs new file mode 100644 index 000000000..cd4f37893 --- /dev/null +++ b/crypto/src/pqc/crypto/ntruprime/SNtruPrimeKeyGenerationParameters.cs @@ -0,0 +1,18 @@ +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Pqc.Crypto.NtruPrime +{ + public class SNtruPrimeKeyGenerationParameters : KeyGenerationParameters + { + private SNtruPrimeParameters _primeParameters; + + public SNtruPrimeKeyGenerationParameters(SecureRandom random, SNtruPrimeParameters ntruPrimeParameters) : base(random,256) + { + this._primeParameters = ntruPrimeParameters; + } + + public SNtruPrimeParameters Parameters => _primeParameters; + + } +} diff --git a/crypto/src/pqc/crypto/ntruprime/SNtruPrimeKeyPairGenerator.cs b/crypto/src/pqc/crypto/ntruprime/SNtruPrimeKeyPairGenerator.cs new file mode 100644 index 000000000..8f0629b60 --- /dev/null +++ b/crypto/src/pqc/crypto/ntruprime/SNtruPrimeKeyPairGenerator.cs @@ -0,0 +1,49 @@ +using Org.BouncyCastle.Crypto; +using Org.BouncyCastle.Security; + +namespace Org.BouncyCastle.Pqc.Crypto.NtruPrime +{ + public class SNtruPrimeKeyPairGenerator + { + private SNtruPrimeKeyGenerationParameters _ntruPrimeParams; + + private int p; + private int q; + + private SecureRandom random; + + private void Initialize(KeyGenerationParameters param) + { + _ntruPrimeParams = (SNtruPrimeKeyGenerationParameters) param; + random = param.Random; + + // n = ntruParams.Parameters.N; + + p = _ntruPrimeParams.Parameters.P; + q = _ntruPrimeParams.Parameters.Q; + + } + + private AsymmetricCipherKeyPair GenKeyPair() + { + NtruPrimeEngine primeEngine = _ntruPrimeParams.Parameters.PrimeEngine; + byte[] sk = new byte[primeEngine.PrivateKeySize]; + byte[] pk = new byte[primeEngine.PublicKeySize]; + primeEngine.kem_keypair( pk,sk,random); + + SNtruPrimePublicKeyParameters pubKey = new SNtruPrimePublicKeyParameters(_ntruPrimeParams.Parameters, pk); + SNtruPrimePrivateKeyParameters privKey = new SNtruPrimePrivateKeyParameters(_ntruPrimeParams.Parameters, sk); + return new AsymmetricCipherKeyPair(pubKey, privKey); + } + + public void Init(KeyGenerationParameters param) + { + this.Initialize(param); + } + + public AsymmetricCipherKeyPair GenerateKeyPair() + { + return GenKeyPair(); + } + } +} diff --git a/crypto/src/pqc/crypto/ntruprime/SNtruPrimeKeyParameters.cs b/crypto/src/pqc/crypto/ntruprime/SNtruPrimeKeyParameters.cs new file mode 100644 index 000000000..e4e03a2bb --- /dev/null +++ b/crypto/src/pqc/crypto/ntruprime/SNtruPrimeKeyParameters.cs @@ -0,0 +1,17 @@ +using Org.BouncyCastle.Crypto; + +namespace Org.BouncyCastle.Pqc.Crypto.NtruPrime +{ + public class SNtruPrimeKeyParameters : AsymmetricKeyParameter + { + private SNtruPrimeParameters _primeParameters; + + public SNtruPrimeKeyParameters(bool isPrivate, SNtruPrimeParameters primeParameters) : base(isPrivate) + { + this._primeParameters = primeParameters; + } + + public SNtruPrimeParameters Parameters => _primeParameters; + + } +} diff --git a/crypto/src/pqc/crypto/ntruprime/SNtruPrimeParameters.cs b/crypto/src/pqc/crypto/ntruprime/SNtruPrimeParameters.cs new file mode 100644 index 000000000..8a73d6235 --- /dev/null +++ b/crypto/src/pqc/crypto/ntruprime/SNtruPrimeParameters.cs @@ -0,0 +1,61 @@ +using System; +using Org.BouncyCastle.Crypto; + +namespace Org.BouncyCastle.Pqc.Crypto.NtruPrime +{ + public class SNtruPrimeParameters : ICipherParameters + { + private String name; + private int p; + private int q; + private int _roundedBytes; + private bool LPR; + private int _w; + private int _rqBytes; + private int _tau0; + private int _tau1; + private int _tau2; + private int _tau3; + private int _skBytes; + private int _pkBytes; + private int _ctBytes; + private NtruPrimeEngine _primeEngine; + + private SNtruPrimeParameters(String name, int p, int q, bool LPR, int w, int tau0, + int tau1, int tau2, int tau3, int skBytes, int pkBytes, int ctBytes, int roundedBytes, int rqBytes) + { + this.name = name; + this.p = p; + this.q = q; + this.LPR = LPR; + this._w = w; + this._tau0 = tau0; + this._tau1 = tau1; + this._tau2 = tau2; + this._tau3 = tau3; + + // KEM Parameters + this._roundedBytes = roundedBytes; + this._rqBytes = rqBytes; + this._skBytes = skBytes; + this._pkBytes = pkBytes; + this._ctBytes = ctBytes; + this._primeEngine = new NtruPrimeEngine(p,q, LPR, w, tau0, tau1, tau2, tau3, skBytes, pkBytes, ctBytes, roundedBytes, rqBytes); + } + + public static SNtruPrimeParameters sntrup653 = new SNtruPrimeParameters("SNTRU_Prime_653", 653, 4621, false, 288, -1,-1,-1,-1,1518,994,897, 865, 994); + public static SNtruPrimeParameters sntrup761 = new SNtruPrimeParameters("SNTRU_Prime_761", 761, 4591, false, 286, -1,-1,-1,-1,1763,1158,1039, 1007, 1158); + public static SNtruPrimeParameters sntrup857 = new SNtruPrimeParameters("SNTRU_Prime_857", 857, 5167, false, 322, -1,-1,-1,-1,1999,1322,1184, 1152, 1322); + public static SNtruPrimeParameters sntrup953 = new SNtruPrimeParameters("SNTRU_Prime_953", 953, 6343, false, 396, -1,-1,-1,-1,2254,1505,1349, 1317, 1505); + public static SNtruPrimeParameters sntrup1013 = new SNtruPrimeParameters("SNTRU_Prime_1013", 1013, 7177, false, 448, -1,-1,-1,-1,2417,1623,1455, 1423, 1623); + public static SNtruPrimeParameters sntrup1277 = new SNtruPrimeParameters("SNTRU_Prime_1277", 1277, 7879, false, 492, -1,-1,-1,-1,3059,2067,1847, 1815, 2067); + + public int P => p; + public bool lpr => LPR; + + public int Q => q; + + internal NtruPrimeEngine PrimeEngine => _primeEngine; + + } +} diff --git a/crypto/src/pqc/crypto/ntruprime/SNtruPrimePrivateKeyParameters.cs b/crypto/src/pqc/crypto/ntruprime/SNtruPrimePrivateKeyParameters.cs new file mode 100644 index 000000000..62f336459 --- /dev/null +++ b/crypto/src/pqc/crypto/ntruprime/SNtruPrimePrivateKeyParameters.cs @@ -0,0 +1,25 @@ +using System; +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Pqc.Crypto.NtruPrime +{ + public class SNtruPrimePrivateKeyParameters : SNtruPrimeKeyParameters + { + internal byte[] privKey; + + public byte[] GetPrivateKey() + { + return Arrays.Clone(privKey); + } + + public SNtruPrimePrivateKeyParameters(SNtruPrimeParameters primeParameters, byte[] privKey) : base(true, primeParameters) + { + this.privKey = Arrays.Clone(privKey); + } + + public byte[] GetEncoded() + { + return GetPrivateKey(); + } + } +} diff --git a/crypto/src/pqc/crypto/ntruprime/SNtruPrimePublicKeyParameters.cs b/crypto/src/pqc/crypto/ntruprime/SNtruPrimePublicKeyParameters.cs new file mode 100644 index 000000000..80bd6ddd0 --- /dev/null +++ b/crypto/src/pqc/crypto/ntruprime/SNtruPrimePublicKeyParameters.cs @@ -0,0 +1,24 @@ +using Org.BouncyCastle.Utilities; + +namespace Org.BouncyCastle.Pqc.Crypto.NtruPrime +{ + public class SNtruPrimePublicKeyParameters : SNtruPrimeKeyParameters + { + internal byte[] pubKey; + + public byte[] GetPublicKey() + { + return Arrays.Clone(pubKey); + } + + public byte[] GetEncoded() + { + return GetPublicKey(); + } + + public SNtruPrimePublicKeyParameters(SNtruPrimeParameters primeParameters, byte[] pubKey) : base(false,primeParameters) + { + this.pubKey = Arrays.Clone(pubKey); + } + } +} diff --git a/crypto/test/src/pqc/crypto/test/NtruPrimeVectorTest.cs b/crypto/test/src/pqc/crypto/test/NtruPrimeVectorTest.cs index f42135674..0fe411dee 100644 --- a/crypto/test/src/pqc/crypto/test/NtruPrimeVectorTest.cs +++ b/crypto/test/src/pqc/crypto/test/NtruPrimeVectorTest.cs @@ -33,28 +33,16 @@ namespace Org.BouncyCastle.Pqc.Crypto.Tests "kat_kem_ntrulp_953.rsp", "kat_kem_ntrulp_1013.rsp", "kat_kem_ntrulp_1277.rsp", - "kat_kem_sntrup_653.rsp", - "kat_kem_sntrup_761.rsp", - "kat_kem_sntrup_857.rsp", - "kat_kem_sntrup_953.rsp", - "kat_kem_sntrup_1013.rsp", - "kat_kem_sntrup_1277.rsp", }; - NtruPrimeParameters[] parameters = + NtruLPRimeParameters[] parameters = { - NtruPrimeParameters.ntrulpr653, - NtruPrimeParameters.ntrulpr761, - NtruPrimeParameters.ntrulpr857, - NtruPrimeParameters.ntrulpr953, - NtruPrimeParameters.ntrulpr1013, - NtruPrimeParameters.ntrulpr1277, - NtruPrimeParameters.sntrup653, - NtruPrimeParameters.sntrup761, - NtruPrimeParameters.sntrup857, - NtruPrimeParameters.sntrup953, - NtruPrimeParameters.sntrup1013, - NtruPrimeParameters.sntrup1277, + NtruLPRimeParameters.ntrulpr653, + NtruLPRimeParameters.ntrulpr761, + NtruLPRimeParameters.ntrulpr857, + NtruLPRimeParameters.ntrulpr953, + NtruLPRimeParameters.ntrulpr1013, + NtruLPRimeParameters.ntrulpr1277, }; for (int fileIndex = 0; fileIndex != files.Length; fileIndex++) @@ -93,24 +81,24 @@ namespace Org.BouncyCastle.Pqc.Crypto.Tests NistSecureRandom random = new NistSecureRandom(seed, null); - NtruPrimeParameters ntruPParameters = parameters[fileIndex]; + NtruLPRimeParameters ntruPParameters = parameters[fileIndex]; - NtruKeyPairGenerator kpGen = new NtruKeyPairGenerator(); - NtruKeyGenerationParameters genParams = new NtruKeyGenerationParameters(random,ntruPParameters); + NtruLPRimeKeyPairGenerator kpGen = new NtruLPRimeKeyPairGenerator(); + NtruLPRimeKeyGenerationParameters genParams = new NtruLPRimeKeyGenerationParameters(random,ntruPParameters); // Generate the key pair kpGen.Init(genParams); AsymmetricCipherKeyPair kp = kpGen.GenerateKeyPair(); - NtruPrimePublicKeyParameters pubParams = (NtruPrimePublicKeyParameters) kp.Public; - NtruPrimePrivateKeyParameters privParams = (NtruPrimePrivateKeyParameters) kp.Private; + NtruLPRimePublicKeyParameters pubParams = (NtruLPRimePublicKeyParameters) kp.Public; + NtruLPRimePrivateKeyParameters privParams = (NtruLPRimePrivateKeyParameters) kp.Private; // Check public and private key Assert.True(Arrays.AreEqual(pk,pubParams.GetEncoded()), $"{name} {count} : public key"); Assert.True(Arrays.AreEqual(sk,privParams.GetEncoded()), $"{name} {count} : private key"); // Encapsulation - NtruPrimeKemGenerator ntruPEncCipher = new NtruPrimeKemGenerator(random); + NtruLPRimeKemGenerator ntruPEncCipher = new NtruLPRimeKemGenerator(random); ISecretWithEncapsulation secWenc = ntruPEncCipher.GenerateEncapsulated(pubParams); byte[] generatedCT = secWenc.GetEncapsulation(); @@ -122,7 +110,7 @@ namespace Org.BouncyCastle.Pqc.Crypto.Tests Assert.True(Arrays.AreEqual(ss, secret), name + " " + count + ": kem_enc secret"); // Decapsulation - NtruPrimeKemExtractor ntruDecCipher = new NtruPrimeKemExtractor(privParams); + NtruLPRimeKemExtractor ntruDecCipher = new NtruLPRimeKemExtractor(privParams); byte[] dec_key = ntruDecCipher.ExtractSecret(generatedCT); // Check decapsulation secret @@ -143,6 +131,111 @@ namespace Org.BouncyCastle.Pqc.Crypto.Tests Console.WriteLine("OK"); } + files = new string[] + { + "kat_kem_sntrup_653.rsp", + "kat_kem_sntrup_761.rsp", + "kat_kem_sntrup_857.rsp", + "kat_kem_sntrup_953.rsp", + "kat_kem_sntrup_1013.rsp", + "kat_kem_sntrup_1277.rsp", + }; + + SNtruPrimeParameters[] sparameters = + { + SNtruPrimeParameters.sntrup653, + SNtruPrimeParameters.sntrup761, + SNtruPrimeParameters.sntrup857, + SNtruPrimeParameters.sntrup953, + SNtruPrimeParameters.sntrup1013, + SNtruPrimeParameters.sntrup1277, + }; + + for (int fileIndex = 0; fileIndex != files.Length; fileIndex++) + { + String name = files[fileIndex]; + Console.Write("Testing " + name + "..."); + Console.WriteLine("pqc.ntruprime." + name); + StreamReader src = new StreamReader(SimpleTest.GetTestDataAsStream("pqc.ntruprime." + name)); + String line = null; + Dictionary<String, String> buf = new Dictionary<string, string>(); + + while ((line = src.ReadLine()) != null) + { + line = line.Trim(); + if (line.StartsWith("#")) + { + continue; + } + + if (line.Length == 0) + { + if (buf.Count > 0) + { + String count = buf["count"]; + + if (!"0".Equals(count)) + { + // Console.WriteLine("Zero"); + } + + byte[] seed = Hex.Decode(buf["seed"]); + byte[] pk = Hex.Decode(buf["pk"]); + byte[] ct = Hex.Decode(buf["ct"]); + byte[] sk = Hex.Decode(buf["sk"]); + byte[] ss = Hex.Decode(buf["ss"]); + + + NistSecureRandom random = new NistSecureRandom(seed, null); + SNtruPrimeParameters ntruPParameters = sparameters[fileIndex]; + + SNtruPrimeKeyPairGenerator kpGen = new SNtruPrimeKeyPairGenerator(); + SNtruPrimeKeyGenerationParameters genParams = new SNtruPrimeKeyGenerationParameters(random, ntruPParameters); + + // Generate the key pair + kpGen.Init(genParams); + AsymmetricCipherKeyPair kp = kpGen.GenerateKeyPair(); + + SNtruPrimePublicKeyParameters pubParams = (SNtruPrimePublicKeyParameters)kp.Public; + SNtruPrimePrivateKeyParameters privParams = (SNtruPrimePrivateKeyParameters)kp.Private; + + // Check public and private key + Assert.True(Arrays.AreEqual(pk, pubParams.GetEncoded()), $"{name} {count} : public key"); + Assert.True(Arrays.AreEqual(sk, privParams.GetEncoded()), $"{name} {count} : private key"); + + // Encapsulation + SNtruPrimeKemGenerator ntruPEncCipher = new SNtruPrimeKemGenerator(random); + ISecretWithEncapsulation secWenc = ntruPEncCipher.GenerateEncapsulated(pubParams); + byte[] generatedCT = secWenc.GetEncapsulation(); + + // Check ciphertext + Assert.True(Arrays.AreEqual(ct, generatedCT), name + " " + count + ": kem_enc cipher text"); + + // Check secret + byte[] secret = secWenc.GetSecret(); + Assert.True(Arrays.AreEqual(ss, secret), name + " " + count + ": kem_enc secret"); + + // Decapsulation + SNtruPrimeKemExtractor ntruDecCipher = new SNtruPrimeKemExtractor(privParams); + byte[] dec_key = ntruDecCipher.ExtractSecret(generatedCT); + + // Check decapsulation secret + Assert.True(Arrays.AreEqual(dec_key, ss), $"{name} {count}: kem_dec ss"); + Assert.True(Arrays.AreEqual(dec_key, secret), $"{name} {count}: kem_dec key"); + } + buf.Clear(); + + continue; + } + + int a = line.IndexOf("="); + if (a > -1) + { + buf[line.Substring(0, a).Trim()] = line.Substring(a + 1).Trim(); + } + } + Console.WriteLine("OK"); + } } } |