diff --git a/crypto/src/pqc/crypto/cmce/CmceKemExtractor.cs b/crypto/src/pqc/crypto/cmce/CmceKemExtractor.cs
index 9c4e84456..9bbdec17b 100644
--- a/crypto/src/pqc/crypto/cmce/CmceKemExtractor.cs
+++ b/crypto/src/pqc/crypto/cmce/CmceKemExtractor.cs
@@ -32,7 +32,7 @@ namespace Org.BouncyCastle.Pqc.Crypto.Cmce
return ExtractSecret(encapsulation, engine.DefaultSessionKeySize);
}
- public byte[] ExtractSecret(byte[] encapsulation, int sessionKeySizeInBits)
+ private byte[] ExtractSecret(byte[] encapsulation, int sessionKeySizeInBits)
{
byte[] session_key = new byte[sessionKeySizeInBits / 8];
engine.kem_dec(session_key, encapsulation, ((CmcePrivateKeyParameters)key).PrivateKey);
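Review bot: Nothing in the hunk checks `encapsulation.Length` against the engine's ciphertext size before `engine.kem_dec`, and `sessionKeySizeInBits / 8` silently truncates a size that is not a multiple of 8; with the sized overload now private, its only caller is the one-argument overload passing `engine.DefaultSessionKeySize`, so that invariant deserves to be stated, e.g. `// only reached via ExtractSecret(byte[]) with engine.DefaultSessionKeySize, which must be a multiple of 8`. Whether kem_dec itself validates the encapsulation length is not visible here; if it does not, a short or overlong input reaches the decapsulation routine unchecked. The `((CmcePrivateKeyParameters)key)` hard cast fails with an InvalidCastException that does not name the key; the same pattern appears in CmceKemGenerator in this commit. The visibility change also drops a public member, so external callers that passed an explicit size (as CmceVectorTest did) no longer compile; the class continues outside the hunk.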
diff --git a/crypto/src/pqc/crypto/cmce/CmceKemGenerator.cs b/crypto/src/pqc/crypto/cmce/CmceKemGenerator.cs
index fe258ce74..ac97fb594 100644
--- a/crypto/src/pqc/crypto/cmce/CmceKemGenerator.cs
+++ b/crypto/src/pqc/crypto/cmce/CmceKemGenerator.cs
@@ -26,7 +26,7 @@ namespace Org.BouncyCastle.Pqc.Crypto.Cmce
return GenerateEncapsulated(recipientKey, engine.DefaultSessionKeySize);
}
- public ISecretWithEncapsulation GenerateEncapsulated(AsymmetricKeyParameter recipientKey, int sessionKeySizeInBits)
+ private ISecretWithEncapsulation GenerateEncapsulated(AsymmetricKeyParameter recipientKey, int sessionKeySizeInBits)
{
CmcePublicKeyParameters key = (CmcePublicKeyParameters)recipientKey;
CmceEngine engine = key.Parameters.Engine;
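Review bot: `CmcePublicKeyParameters key = (CmcePublicKeyParameters)recipientKey;` is now the single entry path from the public overload, and a mismatched key type surfaces as an InvalidCastException that does not identify the argument. Prefer a checked conversion that names the parameter: `var key = recipientKey as CmcePublicKeyParameters;` followed by `if (key == null) throw new ArgumentException("recipientKey must be a CmcePublicKeyParameters", "recipientKey");`. The same hard-cast pattern is in the CmceKemExtractor hunk of this commit. The method body continues outside the hunk.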
diff --git a/crypto/src/pqc/crypto/frodo/FrodoEngine.cs b/crypto/src/pqc/crypto/frodo/FrodoEngine.cs
index 020f721ea..2f9c50921 100644
--- a/crypto/src/pqc/crypto/frodo/FrodoEngine.cs
+++ b/crypto/src/pqc/crypto/frodo/FrodoEngine.cs
@@ -10,7 +10,7 @@ namespace Org.BouncyCastle.Pqc.Crypto.Frodo
public class FrodoEngine
{
// constant parameters
- private static int nbar = 8;
+ internal static int nbar = 8;
private static int mbar = 8;
private static int len_seedA = 128;
private static int len_z = 128;
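Review bot: `internal static int nbar = 8;` widens the visibility of a mutable static that the comment above calls a constant parameter, and FrodoParameters now derives every parameter set's DefaultKeySize from it in this same commit, so any write to it from inside the assembly would silently change the session key size of all Frodo parameter sets. Since the value is fixed, declare it as `internal const int nbar = 8;` (or `internal static readonly int nbar = 8;` if a const is undesirable); the siblings `mbar`, `len_seedA` and `len_z` stay `private static int` and could get the same treatment for consistency, though they are untouched by this change. The class continues outside the hunk.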
diff --git a/crypto/src/pqc/crypto/frodo/FrodoParameters.cs b/crypto/src/pqc/crypto/frodo/FrodoParameters.cs
index ad04d8c5e..1e28a22bf 100644
--- a/crypto/src/pqc/crypto/frodo/FrodoParameters.cs
+++ b/crypto/src/pqc/crypto/frodo/FrodoParameters.cs
@@ -13,14 +13,14 @@ namespace Org.BouncyCastle.Pqc.Crypto.Frodo
private static short[] cdf_table976 = {5638, 15915, 23689, 28571, 31116, 32217, 32613, 32731, 32760, 32766, 32767};
private static short[] cdf_table1344 = {9142, 23462, 30338, 32361, 32725, 32765, 32767};
- public static FrodoParameters frodokem19888r3 = new FrodoParameters("frodokem19888", 640, 15, 2, cdf_table640, new ShakeDigest(128), new FrodoMatrixGenerator.Aes128MatrixGenerator(640, (1<<15)), 64);
- public static FrodoParameters frodokem19888shaker3 = new FrodoParameters("frodokem19888shake", 640, 15, 2, cdf_table640, new ShakeDigest(128), new FrodoMatrixGenerator.Shake128MatrixGenerator(640, (1<<15)), 64);
+ public static FrodoParameters frodokem19888r3 = new FrodoParameters("frodokem19888", 640, 15, 2, cdf_table640, new ShakeDigest(128), new FrodoMatrixGenerator.Aes128MatrixGenerator(640, (1<<15)));
+ public static FrodoParameters frodokem19888shaker3 = new FrodoParameters("frodokem19888shake", 640, 15, 2, cdf_table640, new ShakeDigest(128), new FrodoMatrixGenerator.Shake128MatrixGenerator(640, (1<<15)));
- public static FrodoParameters frodokem31296r3 = new FrodoParameters("frodokem31296", 976, 16, 3, cdf_table976, new ShakeDigest(256), new FrodoMatrixGenerator.Aes128MatrixGenerator(976, (1<<16)), 96);
- public static FrodoParameters frodokem31296shaker3 = new FrodoParameters("frodokem31296shake", 976, 16, 3, cdf_table976, new ShakeDigest(256), new FrodoMatrixGenerator.Shake128MatrixGenerator(976, (1<<16)), 96);
+ public static FrodoParameters frodokem31296r3 = new FrodoParameters("frodokem31296", 976, 16, 3, cdf_table976, new ShakeDigest(256), new FrodoMatrixGenerator.Aes128MatrixGenerator(976, (1<<16)));
+ public static FrodoParameters frodokem31296shaker3 = new FrodoParameters("frodokem31296shake", 976, 16, 3, cdf_table976, new ShakeDigest(256), new FrodoMatrixGenerator.Shake128MatrixGenerator(976, (1<<16)));
- public static FrodoParameters frodokem43088r3 = new FrodoParameters("frodokem43088", 1344, 16, 4, cdf_table1344, new ShakeDigest(256), new FrodoMatrixGenerator.Aes128MatrixGenerator(1344, (1<<16)), 128);
- public static FrodoParameters frodokem43088shaker3 = new FrodoParameters("frodokem43088shake", 1344, 16, 4, cdf_table1344, new ShakeDigest(256), new FrodoMatrixGenerator.Shake128MatrixGenerator(1344, (1<<16)), 128);
+ public static FrodoParameters frodokem43088r3 = new FrodoParameters("frodokem43088", 1344, 16, 4, cdf_table1344, new ShakeDigest(256), new FrodoMatrixGenerator.Aes128MatrixGenerator(1344, (1<<16)));
+ public static FrodoParameters frodokem43088shaker3 = new FrodoParameters("frodokem43088shake", 1344, 16, 4, cdf_table1344, new ShakeDigest(256), new FrodoMatrixGenerator.Shake128MatrixGenerator(1344, (1<<16)));
private String name;
private int n;
@@ -32,7 +32,7 @@ namespace Org.BouncyCastle.Pqc.Crypto.Frodo
private int defaultKeySize;
private FrodoEngine engine;
- public FrodoParameters(String name, int n, int d, int b, short[] cdf_table, IDigest digest, FrodoMatrixGenerator mGen, int defaultKeySize)
+ public FrodoParameters(String name, int n, int d, int b, short[] cdf_table, IDigest digest, FrodoMatrixGenerator mGen)
{
this.name = name;
this.n = n;
@@ -41,7 +41,7 @@ namespace Org.BouncyCastle.Pqc.Crypto.Frodo
this.cdf_table = cdf_table;
this.digest = digest;
this.mGen = mGen;
- this.defaultKeySize = defaultKeySize;
+ this.defaultKeySize = B * FrodoEngine.nbar * FrodoEngine.nbar;
this.engine = new FrodoEngine(n, d, b, cdf_table, digest, mGen);
}
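Review bot: `this.defaultKeySize = B * FrodoEngine.nbar * FrodoEngine.nbar;` reads `B` although the constructor receives the value as the parameter `b`; `B` is presumably a property over the field assigned earlier in the constructor (outside this hunk), which makes the result depend on field-assignment order rather than on the argument itself. Using the parameter and recording the unit is clearer: `// session key size in bits: b * nbar * nbar (128 / 192 / 256 for the three parameter sets)` and `this.defaultKeySize = b * FrodoEngine.nbar * FrodoEngine.nbar;`. Dropping the trailing `int defaultKeySize` parameter in the previous hunk is a breaking change to a public constructor; if that is intended it should be called out in the commit message, since the removal is not mentioned there. The constructor starts in the previous hunk.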
diff --git a/crypto/test/src/pqc/crypto/test/CmceVectorTest.cs b/crypto/test/src/pqc/crypto/test/CmceVectorTest.cs
index 821bd5a77..4bf7605e9 100644
--- a/crypto/test/src/pqc/crypto/test/CmceVectorTest.cs
+++ b/crypto/test/src/pqc/crypto/test/CmceVectorTest.cs
@@ -80,6 +80,7 @@ namespace Org.BouncyCastle.Pqc.Crypto.Tests
CmceParameters.mceliece8192128fr3
};
+ TestSampler sampler = new TestSampler();
for (int fileIndex = 0; fileIndex != files.Length; fileIndex++)
{
string name = files[fileIndex];
@@ -100,7 +101,7 @@ namespace Org.BouncyCastle.Pqc.Crypto.Tests
}
if (line.Length == 0)
{
- if (buf.Count > 0)
+ if (buf.Count > 0 && !sampler.SkipTest(buf["count"]))
{
string count = buf["count"];
if (!"0".Equals(count))
@@ -137,18 +138,19 @@ namespace Org.BouncyCastle.Pqc.Crypto.Tests
// KEM Enc
CmceKemGenerator CmceEncCipher = new CmceKemGenerator(random);
- ISecretWithEncapsulation secWenc = CmceEncCipher.GenerateEncapsulated(pubParams, 256);
+ ISecretWithEncapsulation secWenc = CmceEncCipher.GenerateEncapsulated(pubParams);
byte[] generated_cipher_text = secWenc.GetEncapsulation();
Assert.True(Arrays.AreEqual(ct, generated_cipher_text), name + " " + count + ": kem_enc cipher text");
byte[] secret = secWenc.GetSecret();
- Assert.True(Arrays.AreEqual(ss, secret), name + " " + count + ": kem_enc key");
+ Assert.True(Arrays.AreEqual(ss, 0, secret.Length, secret, 0, secret.Length), name + " " + count + ": kem_enc key");
// KEM Dec
CmceKemExtractor CmceDecCipher = new CmceKemExtractor(privParams);
- byte[] dec_key = CmceDecCipher.ExtractSecret(generated_cipher_text, 256);
+ byte[] dec_key = CmceDecCipher.ExtractSecret(generated_cipher_text);
- Assert.True(Arrays.AreEqual(dec_key, ss), name + " " + count + ": kem_dec ss");
+ Assert.True(Cmceparameters.DefaultKeySize == dec_key.Length * 8);
+ Assert.True(Arrays.AreEqual(dec_key, 0, dec_key.Length, ss, 0, dec_key.Length), name + " " + count + ": kem_dec ss");
Assert.True(Arrays.AreEqual(dec_key, secret), name + " " + count + ": kem_dec key");
}
buf.Clear();
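Review bot: `Arrays.AreEqual(ss, 0, secret.Length, secret, 0, secret.Length)` and the matching `dec_key` comparison only check a prefix of the expected shared secret `ss`, so a secret that is shorter than the vector value now passes; nothing asserts `secret.Length` against `ss.Length` or the parameter set's key size, and for `dec_key` the length relation is only checked by `Assert.True(Cmceparameters.DefaultKeySize == dec_key.Length * 8)` without a message. If the prefix comparison is deliberate (the vector `ss` may be longer than the default session key), a comment saying so would prevent it being read as a weakened check; otherwise assert equality of lengths as well. Replacing the bare boolean assert with `Assert.AreEqual(Cmceparameters.DefaultKeySize, dec_key.Length * 8, name + " " + count + ": kem_dec key size");` reports the actual value on failure, and the same applies to the added assert in FrodoVectorTest at the last hunk of this commit. `Cmceparameters` is presumably a local; its class-like casing next to the `CmceParameters` type is easy to misread. The enclosing test method continues outside the hunk.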
diff --git a/crypto/test/src/pqc/crypto/test/FrodoVectorTest.cs b/crypto/test/src/pqc/crypto/test/FrodoVectorTest.cs
index 90498ae7f..311a5cd3a 100644
--- a/crypto/test/src/pqc/crypto/test/FrodoVectorTest.cs
+++ b/crypto/test/src/pqc/crypto/test/FrodoVectorTest.cs
@@ -28,12 +28,12 @@ namespace Org.BouncyCastle.Pqc.Crypto.Tests
FrodoParameters.frodokem43088shaker3
};
- Assert.AreEqual(64, FrodoParameters.frodokem19888r3.DefaultKeySize);
- Assert.AreEqual(64, FrodoParameters.frodokem19888shaker3.DefaultKeySize);
- Assert.AreEqual(96, FrodoParameters.frodokem31296r3.DefaultKeySize);
- Assert.AreEqual(96, FrodoParameters.frodokem31296shaker3.DefaultKeySize);
- Assert.AreEqual(128, FrodoParameters.frodokem43088r3.DefaultKeySize);
- Assert.AreEqual(128, FrodoParameters.frodokem43088shaker3.DefaultKeySize);
+ Assert.AreEqual(128, FrodoParameters.frodokem19888r3.DefaultKeySize);
+ Assert.AreEqual(128, FrodoParameters.frodokem19888shaker3.DefaultKeySize);
+ Assert.AreEqual(192, FrodoParameters.frodokem31296r3.DefaultKeySize);
+ Assert.AreEqual(192, FrodoParameters.frodokem31296shaker3.DefaultKeySize);
+ Assert.AreEqual(256, FrodoParameters.frodokem43088r3.DefaultKeySize);
+ Assert.AreEqual(256, FrodoParameters.frodokem43088shaker3.DefaultKeySize);
}
[Test]
@@ -76,6 +76,7 @@ namespace Org.BouncyCastle.Pqc.Crypto.Tests
FrodoParameters.frodokem19888shaker3,
};
}
+ TestSampler sampler = new TestSampler();
for (int fileIndex = 0; fileIndex != files.Length; fileIndex++)
{
String name = files[fileIndex];
@@ -95,7 +96,7 @@ namespace Org.BouncyCastle.Pqc.Crypto.Tests
}
if (line.Length == 0)
{
- if (buf.Count > 0)
+ if (buf.Count > 0 && !sampler.SkipTest(buf["count"]))
{
String count = buf["count"];
if (!"0".Equals(count))
@@ -144,6 +145,7 @@ namespace Org.BouncyCastle.Pqc.Crypto.Tests
byte[] dec_key = frodoDecCipher.ExtractSecret(generated_cipher_text);
+ Assert.True(frodoParameters.DefaultKeySize == dec_key.Length * 8);
Assert.True(Arrays.AreEqual(dec_key, ss), $"{name} {count}: kem_dec ss");
Assert.True(Arrays.AreEqual(dec_key, secret),$"{name} {count}: kem_dec key");
}