From 9241fb66765ac2b0a92ff5d7a9231c3e424cbde3 Mon Sep 17 00:00:00 2001
From: royb <roy.basmacier@primekey.com>
Date: Fri, 25 Aug 2023 13:57:27 -0400
Subject: update Kyber and NTRU to always use 32 byte session keys

---
 crypto/src/pqc/crypto/crystals/kyber/KyberParameters.cs    | 8 ++++----
 crypto/src/pqc/crypto/ntru/parametersets/NtruHps2048509.cs | 2 +-
 crypto/src/pqc/crypto/ntru/parametersets/NtruHps2048677.cs | 2 +-
 crypto/src/pqc/crypto/ntru/parametersets/NtruHrss701.cs    | 2 +-
 crypto/test/src/pqc/crypto/test/CrystalsKyberTest.cs       | 4 ++--
 crypto/test/src/pqc/crypto/test/NtruVectorTest.cs          | 9 +++++++++
 6 files changed, 18 insertions(+), 9 deletions(-)

diff --git a/crypto/src/pqc/crypto/crystals/kyber/KyberParameters.cs b/crypto/src/pqc/crypto/crystals/kyber/KyberParameters.cs
index 195831433..e71333855 100644
--- a/crypto/src/pqc/crypto/crystals/kyber/KyberParameters.cs
+++ b/crypto/src/pqc/crypto/crystals/kyber/KyberParameters.cs
@@ -5,11 +5,11 @@ namespace Org.BouncyCastle.Pqc.Crypto.Crystals.Kyber
     public sealed class KyberParameters
         : IKemParameters
     {
-        public static KyberParameters kyber512 = new KyberParameters("kyber512", 2, 128, false);
-        public static KyberParameters kyber768 = new KyberParameters("kyber768", 3, 192, false);
+        public static KyberParameters kyber512 = new KyberParameters("kyber512", 2, 256, false);
+        public static KyberParameters kyber768 = new KyberParameters("kyber768", 3, 256, false);
         public static KyberParameters kyber1024 = new KyberParameters("kyber1024", 4, 256, false);
-        public static KyberParameters kyber512_aes = new KyberParameters("kyber512-aes", 2, 128, true);
-        public static KyberParameters kyber768_aes = new KyberParameters("kyber768-aes", 3, 192, true);
+        public static KyberParameters kyber512_aes = new KyberParameters("kyber512-aes", 2, 256, true);
+        public static KyberParameters kyber768_aes = new KyberParameters("kyber768-aes", 3, 256, true);
         public static KyberParameters kyber1024_aes = new KyberParameters("kyber1024-aes", 4, 256, true);
 
         private string m_name;
diff --git a/crypto/src/pqc/crypto/ntru/parametersets/NtruHps2048509.cs b/crypto/src/pqc/crypto/ntru/parametersets/NtruHps2048509.cs
index dcbf47636..134882380 100644
--- a/crypto/src/pqc/crypto/ntru/parametersets/NtruHps2048509.cs
+++ b/crypto/src/pqc/crypto/ntru/parametersets/NtruHps2048509.cs
@@ -2,7 +2,7 @@
 {
     internal class NtruHps2048509 : NtruHpsParameterSet
     {
-        internal NtruHps2048509() : base(509, 11, 32, 32, 16)
+        internal NtruHps2048509() : base(509, 11, 32, 32, 32)
         {
         }
     }
diff --git a/crypto/src/pqc/crypto/ntru/parametersets/NtruHps2048677.cs b/crypto/src/pqc/crypto/ntru/parametersets/NtruHps2048677.cs
index 2076f160d..0c2b2c85b 100644
--- a/crypto/src/pqc/crypto/ntru/parametersets/NtruHps2048677.cs
+++ b/crypto/src/pqc/crypto/ntru/parametersets/NtruHps2048677.cs
@@ -2,7 +2,7 @@
 {
     internal class NtruHps2048677 : NtruHpsParameterSet
     {
-        internal NtruHps2048677() : base(677, 11, 32, 32, 24)
+        internal NtruHps2048677() : base(677, 11, 32, 32, 32)
         {
         }
     }
diff --git a/crypto/src/pqc/crypto/ntru/parametersets/NtruHrss701.cs b/crypto/src/pqc/crypto/ntru/parametersets/NtruHrss701.cs
index 9e795265e..55ceac3b5 100644
--- a/crypto/src/pqc/crypto/ntru/parametersets/NtruHrss701.cs
+++ b/crypto/src/pqc/crypto/ntru/parametersets/NtruHrss701.cs
@@ -2,7 +2,7 @@
 {
     internal class NtruHrss701 : NtruHrssParameterSet
     {
-        internal NtruHrss701() : base(701, 13, 32, 32, 24)
+        internal NtruHrss701() : base(701, 13, 32, 32, 32)
         {
         }
     }
diff --git a/crypto/test/src/pqc/crypto/test/CrystalsKyberTest.cs b/crypto/test/src/pqc/crypto/test/CrystalsKyberTest.cs
index ed2b5b79d..e9eb3660f 100644
--- a/crypto/test/src/pqc/crypto/test/CrystalsKyberTest.cs
+++ b/crypto/test/src/pqc/crypto/test/CrystalsKyberTest.cs
@@ -109,8 +109,8 @@ ss = C9786ED936508E178D55A1208C590A10F25CFBFEB50BE4207395A8B2F8AA192E
         [Test]
         public void TestParameters()
         {
-            Assert.AreEqual(128, KyberParameters.kyber512.SessionKeySize);
-            Assert.AreEqual(192, KyberParameters.kyber768.SessionKeySize);
+            Assert.AreEqual(256, KyberParameters.kyber512.SessionKeySize);
+            Assert.AreEqual(256, KyberParameters.kyber768.SessionKeySize);
             Assert.AreEqual(256, KyberParameters.kyber1024.SessionKeySize);
         }
 
diff --git a/crypto/test/src/pqc/crypto/test/NtruVectorTest.cs b/crypto/test/src/pqc/crypto/test/NtruVectorTest.cs
index 417cb5438..9000201c4 100644
--- a/crypto/test/src/pqc/crypto/test/NtruVectorTest.cs
+++ b/crypto/test/src/pqc/crypto/test/NtruVectorTest.cs
@@ -21,6 +21,15 @@ namespace Org.BouncyCastle.Pqc.Crypto.Tests
             { "PQCkemKAT_1590.rsp", NtruParameters.NtruHps4096821 },
             { "PQCkemKAT_1450.rsp", NtruParameters.NtruHrss701 },
         };
+        
+        [Test]
+        public void TestParameters()
+        {
+            Assert.AreEqual(256, NtruParameters.NtruHps4096821.DefaultKeySize);
+            Assert.AreEqual(256, NtruParameters.NtruHps2048509.DefaultKeySize);
+            Assert.AreEqual(256, NtruParameters.NtruHps2048677.DefaultKeySize);
+            Assert.AreEqual(256, NtruParameters.NtruHrss701.DefaultKeySize);
+        }
 
         private static readonly IEnumerable<string> TestVectorFiles = Parameters.Keys;
 
-- 
cgit 1.4.1