authorDavid Hook <dgh@cryptoworkshop.com>2022-08-21 21:04:09 +1000
committerDavid Hook <dgh@cryptoworkshop.com>2022-08-21 21:04:09 +1000
commit37fdb4543c83dc7f4accfde993fe7b32064b8de3 (patch)
tree501fa781b966dcccef17e3531ee9ab13c6500f5f /crypto/src
parentImplement NextBytes(Span<byte) (diff)
added key size restrictions
Diffstat (limited to 'crypto/src')
-rw-r--r--crypto/src/pqc/crypto/ntruprime/NtruLPRimeParameters.cs20
-rw-r--r--crypto/src/pqc/crypto/ntruprime/NtruPrimeEngine.cs9
-rw-r--r--crypto/src/pqc/crypto/ntruprime/SNtruPrimeParameters.cs22
-rw-r--r--crypto/src/pqc/crypto/saber/SABEREngine.cs2
-rw-r--r--crypto/src/pqc/crypto/saber/SABERKeyPairGenerator.cs2
-rw-r--r--crypto/src/pqc/crypto/saber/SABERParameters.cs17
-rw-r--r--crypto/src/pqc/crypto/saber/Utils.cs4
7 files changed, 38 insertions, 38 deletions
diff --git a/crypto/src/pqc/crypto/ntruprime/NtruLPRimeParameters.cs b/crypto/src/pqc/crypto/ntruprime/NtruLPRimeParameters.cs
index 6b12785bd..a8601250e 100644
--- a/crypto/src/pqc/crypto/ntruprime/NtruLPRimeParameters.cs
+++ b/crypto/src/pqc/crypto/ntruprime/NtruLPRimeParameters.cs
@@ -23,10 +23,11 @@ namespace Org.BouncyCastle.Pqc.Crypto.NtruPrime
         private int _skBytes;
         private int _pkBytes;
         private int _ctBytes;
+        private int _defaultKeySize;
         private NtruPrimeEngine _primeEngine;
         
         private NtruLPRimeParameters(String name, int p, int q, bool LPR, int w, int tau0,
-            int tau1, int tau2, int tau3, int skBytes, int pkBytes, int ctBytes, int roundedBytes, int rqBytes)
+            int tau1, int tau2, int tau3, int skBytes, int pkBytes, int ctBytes, int roundedBytes, int rqBytes, int defaultKeySize)
         {
             this.name = name;
             this.p = p;
@@ -44,21 +45,24 @@ namespace Org.BouncyCastle.Pqc.Crypto.NtruPrime
             this._skBytes = skBytes;
             this._pkBytes = pkBytes;
             this._ctBytes = ctBytes;
-            this._primeEngine = new NtruPrimeEngine(p,q, LPR, w, tau0, tau1, tau2, tau3, skBytes, pkBytes, ctBytes, roundedBytes, rqBytes);
+            this._primeEngine = new NtruPrimeEngine(p,q, LPR, w, tau0, tau1, tau2, tau3, skBytes, pkBytes, ctBytes, roundedBytes, rqBytes, defaultKeySize / 8);
+            this._defaultKeySize = defaultKeySize;
         }
 
-        public static NtruLPRimeParameters ntrulpr653 = new NtruLPRimeParameters("NTRU_LPRime_653", 653, 4621, true, 252, 2175,113,2031,290,1125,897,1025, 865, -1);
-        public static NtruLPRimeParameters ntrulpr761 = new NtruLPRimeParameters("NTRU_LPRime_761", 761, 4591, true, 250, 2156,114,2007,287,1294,1039,1167, 1007, -1);
-        public static NtruLPRimeParameters ntrulpr857 = new NtruLPRimeParameters("NTRU_LPRime_857", 857, 5167, true, 281, 2433,101,2265,324,1463,1184,1312, 1152, -1);
-        public static NtruLPRimeParameters ntrulpr953 = new NtruLPRimeParameters("NTRU_LPRime_953", 953, 6343, true, 345, 2997,82,2798,400,1652,1349,1477, 1317, -1);
-        public static NtruLPRimeParameters ntrulpr1013 = new NtruLPRimeParameters("NTRU_LPRime_1013", 1013, 7177, true, 392, 3367,73,3143,449,1773,1455,1583, 1423, -1);
-        public static NtruLPRimeParameters ntrulpr1277 = new NtruLPRimeParameters("NTRU_LPRime_1277", 1277, 7879, true, 429, 3724,66,3469,496,2231,1847,1975, 1815, -1);
+        public static NtruLPRimeParameters ntrulpr653 = new NtruLPRimeParameters("NTRU_LPRime_653", 653, 4621, true, 252, 2175,113,2031,290,1125,897,1025, 865, -1, 128);
+        public static NtruLPRimeParameters ntrulpr761 = new NtruLPRimeParameters("NTRU_LPRime_761", 761, 4591, true, 250, 2156,114,2007,287,1294,1039,1167, 1007, -1, 128);
+        public static NtruLPRimeParameters ntrulpr857 = new NtruLPRimeParameters("NTRU_LPRime_857", 857, 5167, true, 281, 2433,101,2265,324,1463,1184,1312, 1152, -1, 128);
+        public static NtruLPRimeParameters ntrulpr953 = new NtruLPRimeParameters("NTRU_LPRime_953", 953, 6343, true, 345, 2997,82,2798,400,1652,1349,1477, 1317, -1, 192);
+        public static NtruLPRimeParameters ntrulpr1013 = new NtruLPRimeParameters("NTRU_LPRime_1013", 1013, 7177, true, 392, 3367,73,3143,449,1773,1455,1583, 1423, -1, 192);
+        public static NtruLPRimeParameters ntrulpr1277 = new NtruLPRimeParameters("NTRU_LPRime_1277", 1277, 7879, true, 429, 3724,66,3469,496,2231,1847,1975, 1815, -1, 256);
         
         public int P => p;
         public bool lpr => LPR;
         
         public int Q => q;
 
+        public int DefaultKeySize => _defaultKeySize;
+        
         internal NtruPrimeEngine PrimeEngine => _primeEngine;
 
     }
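Review bot: `DefaultKeySize` is exposed without stating its unit, while the constructor in this hunk passes `defaultKeySize / 8` to `NtruPrimeEngine`, so the public value is in bits and the engine value is in bytes. I would put `/// <summary>Default session key size in bits.</summary>` above the property, and a short comment at the division saying the value must be a multiple of 8, because integer division would otherwise silently shorten the key. The same applies to the matching constructor and property in SNtruPrimeParameters.cs. The constructor's signature is in the previous hunk.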
diff --git a/crypto/src/pqc/crypto/ntruprime/NtruPrimeEngine.cs b/crypto/src/pqc/crypto/ntruprime/NtruPrimeEngine.cs
index 701a53cee..2302e0c4b 100644
--- a/crypto/src/pqc/crypto/ntruprime/NtruPrimeEngine.cs
+++ b/crypto/src/pqc/crypto/ntruprime/NtruPrimeEngine.cs
@@ -28,7 +28,7 @@ namespace Org.BouncyCastle.Pqc.Crypto.NtruPrime
         private readonly int _smallBytes;
         private readonly int _hashBytes;
         
-        private const int SessionKeyBytes = 32;
+        private readonly int SessionKeyBytes;
 
         // Parameters for NTRU
         private readonly int _p;
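Review bot: The field keeps the constant's name `SessionKeyBytes` although it is now per-instance state; the neighbouring readonly fields use `_camelCase` (`_smallBytes`, `_hashBytes`), so `private readonly int _sessionKeyBytes;` would be consistent. `SessionKeySize` used to be 32 for every parameter set and now follows the parameter set (16, 24 or 32 bytes, going by the 128/192/256 values passed in the parameter classes). A doc comment on that property saying so would help callers that size buffers from it or expect a 32-byte shared secret from a peer implementation.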
@@ -54,7 +54,7 @@ namespace Org.BouncyCastle.Pqc.Crypto.NtruPrime
         public int SessionKeySize => SessionKeyBytes;
         
         public NtruPrimeEngine(int p, int q, bool lpr, int w, int tau0,
-            int tau1, int tau2, int tau3, int skBytes, int pkBytes, int ctBytes, int roundedBytes, int rqBytes)
+            int tau1, int tau2, int tau3, int skBytes, int pkBytes, int ctBytes, int roundedBytes, int rqBytes, int defaultKeyLen)
         {
             this._p = p;
             this._q = q;
@@ -73,6 +73,7 @@ namespace Org.BouncyCastle.Pqc.Crypto.NtruPrime
             this._lpr = lpr;
 
             this._confirmBytes = 32;
+            this.SessionKeyBytes = defaultKeyLen;
 
             _smallBytes = ((p + 3) / 4);
             _q12 = ((q - 1) / 2);
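Review bot: `defaultKeyLen` is stored in `SessionKeyBytes` with no range check, although a later hunk in this file copies the session key out of a fixed 32-byte hash buffer. A value above 32 would presumably fail only when a key is derived (inside `Array.Copy`), and zero or a negative value would give an empty or invalid key length. Rejecting it here keeps the failure at construction time: `if (defaultKeyLen <= 0 || defaultKeyLen > 32) throw new ArgumentOutOfRangeException(nameof(defaultKeyLen));`. The constructor starts and ends outside this hunk.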
@@ -1233,7 +1234,9 @@ namespace Org.BouncyCastle.Pqc.Crypto.NtruPrime
                 }
             }
 
-            HashPrefix(ref output, b, ref x, x.Length);
+            byte[] hash = new byte[32];
+            HashPrefix(ref hash, b, ref x, x.Length);
+            Array.Copy(hash, 0, output, 0, output.Length);
         }
         
         private int NegativeMask(short x)
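Review bot: The temporary `hash` array holds the full 32-byte digest and is left for the garbage collector after only `output.Length` bytes are copied out. If this method derives the session key, the whole buffer is key-derived material and should be wiped after the copy with `Array.Clear(hash, 0, hash.Length);`. The literal `32` would also read better as a named constant that documents it as the digest length. The enclosing method starts outside this hunk, so the role of `output` is inferred from the call.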
diff --git a/crypto/src/pqc/crypto/ntruprime/SNtruPrimeParameters.cs b/crypto/src/pqc/crypto/ntruprime/SNtruPrimeParameters.cs
index 8a73d6235..95d63d1a8 100644
--- a/crypto/src/pqc/crypto/ntruprime/SNtruPrimeParameters.cs
+++ b/crypto/src/pqc/crypto/ntruprime/SNtruPrimeParameters.cs
@@ -19,10 +19,10 @@ namespace Org.BouncyCastle.Pqc.Crypto.NtruPrime
         private int _skBytes;
         private int _pkBytes;
         private int _ctBytes;
+        private int _defaultKeySize;
         private NtruPrimeEngine _primeEngine;
-        
         private SNtruPrimeParameters(String name, int p, int q, bool LPR, int w, int tau0,
-            int tau1, int tau2, int tau3, int skBytes, int pkBytes, int ctBytes, int roundedBytes, int rqBytes)
+            int tau1, int tau2, int tau3, int skBytes, int pkBytes, int ctBytes, int roundedBytes, int rqBytes, int defaultKeySize)
         {
             this.name = name;
             this.p = p;
@@ -33,28 +33,30 @@ namespace Org.BouncyCastle.Pqc.Crypto.NtruPrime
             this._tau1 = tau1;
             this._tau2 = tau2;
             this._tau3 = tau3;
-            
+
             // KEM Parameters
             this._roundedBytes = roundedBytes;
             this._rqBytes = rqBytes;
             this._skBytes = skBytes;
             this._pkBytes = pkBytes;
             this._ctBytes = ctBytes;
-            this._primeEngine = new NtruPrimeEngine(p,q, LPR, w, tau0, tau1, tau2, tau3, skBytes, pkBytes, ctBytes, roundedBytes, rqBytes);
+            this._primeEngine = new NtruPrimeEngine(p, q, LPR, w, tau0, tau1, tau2, tau3, skBytes, pkBytes, ctBytes, roundedBytes, rqBytes, defaultKeySize / 8);
+            this._defaultKeySize = defaultKeySize;
         }
 
-        public static SNtruPrimeParameters sntrup653 = new SNtruPrimeParameters("SNTRU_Prime_653", 653, 4621, false, 288, -1,-1,-1,-1,1518,994,897, 865, 994);
-        public static SNtruPrimeParameters sntrup761 = new SNtruPrimeParameters("SNTRU_Prime_761", 761, 4591, false, 286, -1,-1,-1,-1,1763,1158,1039, 1007, 1158);
-        public static SNtruPrimeParameters sntrup857 = new SNtruPrimeParameters("SNTRU_Prime_857", 857, 5167, false, 322, -1,-1,-1,-1,1999,1322,1184, 1152, 1322);
-        public static SNtruPrimeParameters sntrup953 = new SNtruPrimeParameters("SNTRU_Prime_953", 953, 6343, false, 396, -1,-1,-1,-1,2254,1505,1349, 1317, 1505);
-        public static SNtruPrimeParameters sntrup1013 = new SNtruPrimeParameters("SNTRU_Prime_1013", 1013, 7177, false, 448, -1,-1,-1,-1,2417,1623,1455, 1423, 1623);
-        public static SNtruPrimeParameters sntrup1277 = new SNtruPrimeParameters("SNTRU_Prime_1277", 1277, 7879, false, 492, -1,-1,-1,-1,3059,2067,1847, 1815, 2067);
+        public static SNtruPrimeParameters sntrup653 = new SNtruPrimeParameters("SNTRU_Prime_653", 653, 4621, false, 288, -1,-1,-1,-1,1518,994,897, 865, 994, 128);
+        public static SNtruPrimeParameters sntrup761 = new SNtruPrimeParameters("SNTRU_Prime_761", 761, 4591, false, 286, -1,-1,-1,-1,1763,1158,1039, 1007, 1158, 128);
+        public static SNtruPrimeParameters sntrup857 = new SNtruPrimeParameters("SNTRU_Prime_857", 857, 5167, false, 322, -1,-1,-1,-1,1999,1322,1184, 1152, 1322, 128);
+        public static SNtruPrimeParameters sntrup953 = new SNtruPrimeParameters("SNTRU_Prime_953", 953, 6343, false, 396, -1,-1,-1,-1,2254,1505,1349, 1317, 1505, 192);
+        public static SNtruPrimeParameters sntrup1013 = new SNtruPrimeParameters("SNTRU_Prime_1013", 1013, 7177, false, 448, -1,-1,-1,-1,2417,1623,1455, 1423, 1623, 192);
+        public static SNtruPrimeParameters sntrup1277 = new SNtruPrimeParameters("SNTRU_Prime_1277", 1277, 7879, false, 492, -1,-1,-1,-1,3059,2067,1847, 1815, 2067, 256);
         
         public int P => p;
         public bool lpr => LPR;
         
         public int Q => q;
 
+        public int DefaultKeySize => _defaultKeySize;
         internal NtruPrimeEngine PrimeEngine => _primeEngine;
 
     }
diff --git a/crypto/src/pqc/crypto/saber/SABEREngine.cs b/crypto/src/pqc/crypto/saber/SABEREngine.cs
index 4be553957..38efdd8f3 100644
--- a/crypto/src/pqc/crypto/saber/SABEREngine.cs
+++ b/crypto/src/pqc/crypto/saber/SABEREngine.cs
@@ -7,7 +7,7 @@ using Org.BouncyCastle.Utilities;
 
 namespace Org.BouncyCastle.Pqc.Crypto.Saber
 {
-    public class SABEREngine
+    internal class SABEREngine
     {
         // constant parameters
         public static int SABER_EQ = 13;
diff --git a/crypto/src/pqc/crypto/saber/SABERKeyPairGenerator.cs b/crypto/src/pqc/crypto/saber/SABERKeyPairGenerator.cs
index 1b74a2833..79b59ee1d 100644
--- a/crypto/src/pqc/crypto/saber/SABERKeyPairGenerator.cs
+++ b/crypto/src/pqc/crypto/saber/SABERKeyPairGenerator.cs
@@ -19,7 +19,7 @@ namespace Org.BouncyCastle.Pqc.Crypto.Saber
             this.saberParams = (SABERKeyGenerationParameters) param;
             this.random = param.Random;
 
-            this.l = this.saberParams.GetParameters().GetL();
+            this.l = this.saberParams.GetParameters().L;
         }
 
         private AsymmetricCipherKeyPair GenKeyPair()
diff --git a/crypto/src/pqc/crypto/saber/SABERParameters.cs b/crypto/src/pqc/crypto/saber/SABERParameters.cs
index b53c9cf6f..50b577ab8 100644
--- a/crypto/src/pqc/crypto/saber/SABERParameters.cs
+++ b/crypto/src/pqc/crypto/saber/SABERParameters.cs
@@ -33,22 +33,13 @@ namespace Org.BouncyCastle.Pqc.Crypto.Saber
             this.engine = new SABEREngine(l, defaultKeySize);
         }
 
-        public String GetName()
-        {
-            return name;
-        }
+        public String Name => name;
 
-        public int GetL()
-        {
-            return l;
-        }
+        public int L => l;
 
-        public int GetDefaultKeySize()
-        {
-            return defaultKeySize;
-        }
+        public int DefaultKeySize => defaultKeySize;
 
-        public SABEREngine GetEngine()
+        internal SABEREngine GetEngine()
         {
             return engine;
         }
diff --git a/crypto/src/pqc/crypto/saber/Utils.cs b/crypto/src/pqc/crypto/saber/Utils.cs
index 32a544c1f..ff74ef1cb 100644
--- a/crypto/src/pqc/crypto/saber/Utils.cs
+++ b/crypto/src/pqc/crypto/saber/Utils.cs
@@ -1,6 +1,6 @@
 namespace Org.BouncyCastle.Pqc.Crypto.Saber
 {
-    public class Utils
+    internal class Utils
     {
 
         private int SABER_N;
@@ -10,7 +10,7 @@ namespace Org.BouncyCastle.Pqc.Crypto.Saber
         private int SABER_EP;
         private int SABER_KEYBYTES;
 
-        public Utils(SABEREngine engine)
+        internal Utils(SABEREngine engine)
         {
             this.SABER_N = engine.getSABER_N();
             this.SABER_L = engine.getSABER_L();