bcgit
diff --git a/‎core/src/main/java/org/bouncycastle/crypto/generators/MLDSAKeyPairGenerator.java‎
Lines changed: 36 additions & 0 deletions b/‎core/src/main/java/org/bouncycastle/crypto/generators/MLDSAKeyPairGenerator.java‎
Lines changed: 36 additions & 0 deletions
diff --git a/‎core/src/main/java/org/bouncycastle/crypto/params/MLDSAKeyGenerationParameters.java‎
Lines changed: 24 additions & 0 deletions b/‎core/src/main/java/org/bouncycastle/crypto/params/MLDSAKeyGenerationParameters.java‎
Lines changed: 24 additions & 0 deletions
diff --git a/‎core/src/main/java/org/bouncycastle/crypto/params/MLDSAKeyParameters.java‎
Lines changed: 20 additions & 0 deletions b/‎core/src/main/java/org/bouncycastle/crypto/params/MLDSAKeyParameters.java‎
Lines changed: 20 additions & 0 deletions
diff --git a/‎core/src/main/java/org/bouncycastle/crypto/params/MLDSAParameters.java‎
Lines changed: 46 additions & 0 deletions b/‎core/src/main/java/org/bouncycastle/crypto/params/MLDSAParameters.java‎
Lines changed: 46 additions & 0 deletions
diff --git a/‎core/src/main/java/org/bouncycastle/crypto/params/MLDSAPrivateKeyParameters.java‎
Lines changed: 216 additions & 0 deletions b/‎core/src/main/java/org/bouncycastle/crypto/params/MLDSAPrivateKeyParameters.java‎
Lines changed: 216 additions & 0 deletions
@@ -0,0 +1,36 @@
+package org.bouncycastle.crypto.generators;
+
+import java.security.SecureRandom;
+
+import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
+import org.bouncycastle.crypto.AsymmetricCipherKeyPairGenerator;
+import org.bouncycastle.crypto.KeyGenerationParameters;
+import org.bouncycastle.crypto.params.MLDSAKeyGenerationParameters;
+import org.bouncycastle.crypto.params.MLDSAParameters;
+import org.bouncycastle.crypto.params.MLDSAPrivateKeyParameters;
+import org.bouncycastle.crypto.params.MLDSAPublicKeyParameters;
+import org.bouncycastle.crypto.signers.mldsa.MLDSAEngine;
+
+public class MLDSAKeyPairGenerator
+    implements AsymmetricCipherKeyPairGenerator
+{
+    private MLDSAParameters parameters;
+    private SecureRandom random;
+
+    public void init(KeyGenerationParameters param)
+    {
+        this.parameters = ((MLDSAKeyGenerationParameters)param).getParameters();
+        this.random = param.getRandom();
+    }
+
+    public AsymmetricCipherKeyPair generateKeyPair()
+    {
+        MLDSAEngine engine = new MLDSAEngine(parameters.getK(), random);
+
+        byte[][] keyPair = engine.generateKeyPair();
+        MLDSAPublicKeyParameters pubKey = new MLDSAPublicKeyParameters(parameters, keyPair[0], keyPair[6]);
+        MLDSAPrivateKeyParameters privKey = new MLDSAPrivateKeyParameters(parameters, keyPair[0], keyPair[1], keyPair[2], keyPair[3], keyPair[4], keyPair[5], keyPair[6], keyPair[7]);
+
+        return new AsymmetricCipherKeyPair(pubKey, privKey);
+    }
+}
@@ -0,0 +1,24 @@
+package org.bouncycastle.crypto.params;
+
+import java.security.SecureRandom;
+
+import org.bouncycastle.crypto.KeyGenerationParameters;
+
+public class MLDSAKeyGenerationParameters
+    extends KeyGenerationParameters
+{
+    private final MLDSAParameters params;
+
+    public MLDSAKeyGenerationParameters(
+        SecureRandom random,
+        MLDSAParameters mldsaParameters)
+    {
+        super(random, 256);
+        this.params = mldsaParameters;
+    }
+
+    public MLDSAParameters getParameters()
+    {
+        return params;
+    }
+}
@@ -0,0 +1,20 @@
+package org.bouncycastle.crypto.params;
+
+public class MLDSAKeyParameters
+    extends AsymmetricKeyParameter
+{
+    private final MLDSAParameters params;
+
+    public MLDSAKeyParameters(
+        boolean isPrivate,
+        MLDSAParameters params)
+    {
+        super(isPrivate);
+        this.params = params;
+    }
+
+    public MLDSAParameters getParameters()
+    {
+        return params;
+    }
+}
@@ -0,0 +1,46 @@
+package org.bouncycastle.crypto.params;
+
+public class MLDSAParameters
+{
+    public static final int TYPE_PURE = 0;
+    public static final int TYPE_SHA2_512 = 1;
+
+    public static final MLDSAParameters ml_dsa_44 = new MLDSAParameters("ml-dsa-44", 2, TYPE_PURE);
+    public static final MLDSAParameters ml_dsa_65 = new MLDSAParameters("ml-dsa-65", 3, TYPE_PURE);
+    public static final MLDSAParameters ml_dsa_87 = new MLDSAParameters("ml-dsa-87", 5, TYPE_PURE);
+
+    public static final MLDSAParameters ml_dsa_44_with_sha512 = new MLDSAParameters("ml-dsa-44-with-sha512", 2, TYPE_SHA2_512);
+    public static final MLDSAParameters ml_dsa_65_with_sha512 = new MLDSAParameters("ml-dsa-65-with-sha512", 3, TYPE_SHA2_512);
+    public static final MLDSAParameters ml_dsa_87_with_sha512 = new MLDSAParameters("ml-dsa-87-with-sha512", 5, TYPE_SHA2_512);
+
+    private final int k;
+    private final String name;
+    private final int preHashDigest;
+
+    private MLDSAParameters(String name, int k, int preHashDigest)
+    {
+        this.name = name;
+        this.k = k;
+        this.preHashDigest = preHashDigest;
+    }
+
+    public boolean isPreHash()
+    {
+        return preHashDigest != TYPE_PURE;
+    }
+
+    public int getType()
+    {
+        return preHashDigest;
+    }
+
+    public int getK()
+    {
+        return k;
+    }
+   
+    public String getName()
+    {
+        return name;
+    }
+}
@@ -0,0 +1,216 @@
+package org.bouncycastle.crypto.params;
+
+import org.bouncycastle.crypto.signers.mldsa.MLDSAEngine;
+import org.bouncycastle.util.Arrays;
+
+public class MLDSAPrivateKeyParameters
+    extends MLDSAKeyParameters
+{
+    public static final int BOTH = 0;
+    public static final int SEED_ONLY = 1;
+    public static final int EXPANDED_KEY = 2;
+
+    final byte[] rho;
+    final byte[] k;
+    final byte[] tr;
+    final byte[] s1;
+    final byte[] s2;
+    final byte[] t0;
+
+    private final byte[] t1;
+    private final byte[] seed;
+
+    private final int prefFormat;
+
+    public MLDSAPrivateKeyParameters(MLDSAParameters params, byte[] encoding)
+    {
+        this(params, encoding, null);
+    }
+
+    public MLDSAPrivateKeyParameters(MLDSAParameters params, byte[] rho, byte[] K, byte[] tr, byte[] s1, byte[] s2, byte[] t0, byte[] t1)
+    {
+        this(params, rho, K, tr, s1, s2, t0, t1, null);
+    }
+
+    public MLDSAPrivateKeyParameters(MLDSAParameters params, byte[] rho, byte[] K, byte[] tr, byte[] s1, byte[] s2, byte[] t0, byte[] t1, byte[] seed)
+    {
+        super(true, params);
+        this.rho = Arrays.clone(rho);
+        this.k = Arrays.clone(K);
+        this.tr = Arrays.clone(tr);
+        this.s1 = Arrays.clone(s1);
+        this.s2 = Arrays.clone(s2);
+        this.t0 = Arrays.clone(t0);
+        this.t1 = Arrays.clone(t1);
+        this.seed = Arrays.clone(seed);
+        this.prefFormat = (seed != null) ? BOTH : EXPANDED_KEY;
+    }
+
+    public MLDSAPrivateKeyParameters(MLDSAParameters params, byte[] encoding, MLDSAPublicKeyParameters pubKey)
+    {
+        super(true, params);
+
+        MLDSAEngine eng = new MLDSAEngine(params.getK(), null);
+        if (encoding.length == MLDSAEngine.SeedBytes)
+        {
+            byte[][] keyDetails = eng.generateKeyPairInternal(encoding);
+
+            this.rho = keyDetails[0];
+            this.k = keyDetails[1];
+            this.tr = keyDetails[2];
+            this.s1 = keyDetails[3];
+            this.s2 = keyDetails[4];
+            this.t0 = keyDetails[5];
+            this.t1 = keyDetails[6];
+            this.seed = keyDetails[7];
+        }
+        else
+        {
+            int index = 0;
+            this.rho = Arrays.copyOfRange(encoding, 0, MLDSAEngine.SeedBytes);
+            index += MLDSAEngine.SeedBytes;
+            this.k = Arrays.copyOfRange(encoding, index, index + MLDSAEngine.SeedBytes);
+            index += MLDSAEngine.SeedBytes;
+            this.tr = Arrays.copyOfRange(encoding, index, index + MLDSAEngine.TrBytes);
+            index += MLDSAEngine.TrBytes;
+            int delta = eng.getDilithiumL() * eng.getDilithiumPolyEtaPackedBytes();
+            this.s1 = Arrays.copyOfRange(encoding, index, index + delta);
+            index += delta;
+            delta = eng.getDilithiumK() * eng.getDilithiumPolyEtaPackedBytes();
+            this.s2 = Arrays.copyOfRange(encoding, index, index + delta);
+            index += delta;
+            delta = eng.getDilithiumK() * MLDSAEngine.DilithiumPolyT0PackedBytes;
+            this.t0 = Arrays.copyOfRange(encoding, index, index + delta);
+            index += delta;
+            this.t1 = eng.deriveT1(rho, k, tr, s1, s2, t0);
+            this.seed = null;
+        }
+
+        if (pubKey != null)
+        {
+            if (!Arrays.constantTimeAreEqual(this.t1, pubKey.getT1()))
+            {
+                throw new IllegalArgumentException("passed in public key does not match private values");
+            }
+        }
+
+        this.prefFormat = (seed != null) ? BOTH : EXPANDED_KEY;
+    }
+
+    private MLDSAPrivateKeyParameters(MLDSAPrivateKeyParameters params, int preferredFormat)
+    {
+        super(true, params.getParameters());
+
+        this.rho = params.rho;
+        this.k = params.k;
+        this.tr = params.tr;
+        this.s1 = params.s1;
+        this.s2 = params.s2;
+        this.t0 = params.t0;
+        this.t1 = params.t1;
+        this.seed = params.seed;
+        this.prefFormat = preferredFormat;
+    }
+
+    public MLDSAPrivateKeyParameters getParametersWithFormat(int format)
+    {
+        if (this.prefFormat == format)
+        {
+            return this;
+        }
+
+        switch (format)
+        {
+        case BOTH:
+        case SEED_ONLY:
+        {
+            if (this.seed == null)
+            {
+                throw new IllegalStateException("no seed available");
+            }
+            break;
+        }
+        case EXPANDED_KEY:
+            break;
+        default:
+            throw new IllegalArgumentException("unknown format");
+        }
+
+        return new MLDSAPrivateKeyParameters(this, format);
+    }
+
+    public int getPreferredFormat()
+    {
+        return prefFormat;
+    }
+
+    public byte[] getEncoded()
+    {
+        return Arrays.concatenate(new byte[][]{rho, k, tr, s1, s2, t0});
+    }
+
+    public byte[] getK()
+    {
+        return Arrays.clone(k);
+    }
+
+    /**
+     * @deprecated Use {@link #getEncoded()} instead.
+     */
+    @Deprecated
+    @SuppressWarnings("InlineMeSuggester")
+    public byte[] getPrivateKey()
+    {
+        return getEncoded();
+    }
+
+    public byte[] getPublicKey()
+    {
+        return MLDSAPublicKeyParameters.getEncoded(rho, t1);
+    }
+
+    public byte[] getSeed()
+    {
+        return Arrays.clone(seed);
+    }
+
+    public MLDSAPublicKeyParameters getPublicKeyParameters()
+    {
+        if (this.t1 == null)
+        {
+            return null;
+        }
+        
+        return new MLDSAPublicKeyParameters(getParameters(), rho, t1);
+    }
+
+    public byte[] getRho()
+    {
+        return Arrays.clone(rho);
+    }
+
+    public byte[] getS1()
+    {
+        return Arrays.clone(s1);
+    }
+
+    public byte[] getS2()
+    {
+        return Arrays.clone(s2);
+    }
+
+    public byte[] getT0()
+    {
+        return Arrays.clone(t0);
+    }
+
+    public byte[] getT1()
+    {
+        return Arrays.clone(t1);
+    }
+
+    public byte[] getTr()
+    {
+        return Arrays.clone(tr);
+    }
+}