Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] MLDsaPublicKeyParameters FromEncoded ArgumentException("invalid encoding") (Wrong length check) #590

Open
pshoey opened this issue Jan 14, 2025 · 1 comment
Open

[BUG] MLDsaPublicKeyParameters FromEncoded ArgumentException("invalid encoding") (Wrong length check) #590

pshoey opened this issue Jan 14, 2025 · 1 comment
Labels
bug Something isn't working

Comments

@pshoey
Copy link

pshoey commented Jan 14, 2025

Importing an ML-DSA public key from a previously generated key that has been exported with GetEncoded() method, does not import - instead throws ArgumentException "invalid encoding". The check in MLDsaPublicKeyParameters FromEncoded method on the length of the encoding parameter only checks against the public key length - it needs to include the length of the seed key. The encoded data length is 1984 bytes (1952 public key length + 32 seed length).

Create a new ML-DSA key pair, export the public key and create a new ML-DSA public key from the encoded data.

    var mlDsaKeyGenerationParameters =
        new MLDsaKeyGenerationParameters(new SecureRandom(),
        MLDsaParameters.ml_dsa_65);

    var keyPairGenerator = new MLDsaKeyPairGenerator();

    keyPairGenerator.Init(mlDsaKeyGenerationParameters);
    var key = keyPairGenerator.GenerateKeyPair();

    var privateKey = (MLDsaPrivateKeyParameters)key.Private;
    var publicKey = (MLDsaPublicKeyParameters)key.Public;

    var privateKeyEncoded = privateKey.GetEncoded();
    var publicKeyEncoded = publicKey.GetEncoded();

    var newPrivateKey = MLDsaPrivateKeyParameters.FromEncoding(
        MLDsaParameters.ml_dsa_65, privateKeyEncoded);

    var newPublicKey = MLDsaPublicKeyParameters.FromEncoding(
        MLDsaParameters.ml_dsa_65, publicKeyEncoded);

The final call to MLDsaPublicKeyParameters.FromEncoding throws ArgumentException("invalid encoding").

Using BouncyCastle.Cryptography nuget package v2.5.0
@pshoey pshoey added the bug Something isn't working label Jan 14, 2025
@pshoey pshoey changed the title [BUG] MLDsaPublicKeyParameters FromEncoded wrong length check [BUG] MLDsaPublicKeyParameters FromEncoded ArgumentException("invalid encoding") (Wrong length check) Jan 14, 2025
@peterdettman
Copy link
Collaborator

I don't get an exception running the above code, and the lengths involved are correct; encoded PK length for ML-DSA-65 is 1952 i.e. 32 (rho) + 32610 (t1). We also have test coverage based on NIST test vectors.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@peterdettman @pshoey