From 5d26a748bb83e67ea1cb9b2bdce803eed1251e13 Mon Sep 17 00:00:00 2001 From: larabr <7375870+larabr@users.noreply.github.com> Date: Thu, 4 Jul 2024 16:45:08 +0200 Subject: [PATCH] Switch to noble-post-quantum for ML-DSA --- package-lock.json | 181 ++++-------------- package.json | 2 +- .../post_quantum/signature/ml_dsa.js | 23 +-- 3 files changed, 46 insertions(+), 160 deletions(-) diff --git a/package-lock.json b/package-lock.json index b45422c62f..11d14d6c62 100644 --- a/package-lock.json +++ b/package-lock.json @@ -9,10 +9,10 @@ "version": "6.0.0-beta.2", "license": "LGPL-3.0+", "devDependencies": { - "@asanrom/dilithium": "^1.1.0", "@noble/curves": "^1.4.0", "@noble/ed25519": "^1.7.3", "@noble/hashes": "^1.4.0", + "@noble/post-quantum": "^0.1.0", "@openpgp/asmcrypto.js": "^3.1.0", "@openpgp/crystals-kyber-js": "^1.1.1", "@openpgp/jsdoc": "^3.6.11", @@ -66,20 +66,6 @@ "node": ">= 18.0.0" } }, - "node_modules/@asanrom/dilithium": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@asanrom/dilithium/-/dilithium-1.1.0.tgz", - "integrity": "sha512-BDzk5QmTfknoneVixJ6xotruqFB+bCYAMTzF14fwKIOrusFSpzJzIpTugvpWKovULcC+OxDwexobwB/BUlaIug==", - "dev": true, - "dependencies": { - "long": "5.2.0", - "randombytes": "2.1.0", - "sha3": "2.1.4" - }, - "engines": { - "node": ">= 12.0.0" - } - }, "node_modules/@babel/code-frame": { "version": "7.24.2", "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.24.2.tgz", @@ -818,6 +804,15 @@ "@jridgewell/sourcemap-codec": "^1.4.14" } }, + "node_modules/@noble/ciphers": { + "version": "0.5.2", + "resolved": "https://registry.npmjs.org/@noble/ciphers/-/ciphers-0.5.2.tgz", + "integrity": "sha512-GADtQmZCdgbnNp+daPLc3OY3ibEtGGDV/+CzeM3MFnhiQ7ELQKlsHWYq0YbYUXx4jU3/Y1erAxU6r+hwpewqmQ==", + "dev": true, + "funding": { + "url": "https://paulmillr.com/funding/" + } + }, "node_modules/@noble/curves": { "version": "1.4.0", "resolved": "https://registry.npmjs.org/@noble/curves/-/curves-1.4.0.tgz", 
@@ -854,6 +849,19 @@ "url": "https://paulmillr.com/funding/" } }, + "node_modules/@noble/post-quantum": { + "version": "0.1.0", + "resolved": "https://registry.npmjs.org/@noble/post-quantum/-/post-quantum-0.1.0.tgz", + "integrity": "sha512-JG1K5NaeYr7hVzLdbtm0OYaNDbr95k2kxHFOyELuwQveRnfcoRNdHcHnG67XdxJuRVgsfs3ZWzjme4LIWaxVuw==", + "dev": true, + "dependencies": { + "@noble/ciphers": "0.5.2", + "@noble/hashes": "1.4.0" + }, + "funding": { + "url": "https://paulmillr.com/funding/" + } + }, "node_modules/@nodelib/fs.scandir": { "version": "2.1.5", "resolved": "https://registry.npmjs.org/@nodelib/fs.scandir/-/fs.scandir-2.1.5.tgz", @@ -2093,26 +2101,6 @@ "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", "dev": true }, - "node_modules/base64-js": { - "version": "1.5.1", - "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.5.1.tgz", - "integrity": "sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA==", - "dev": true, - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/feross" - }, - { - "type": "patreon", - "url": "https://www.patreon.com/feross" - }, - { - "type": "consulting", - "url": "https://feross.org/support" - } - ] - }, "node_modules/base64id": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/base64id/-/base64id-2.0.0.tgz", 
@@ -2269,30 +2257,6 @@ "node": ">= 6" } }, - "node_modules/buffer": { - "version": "6.0.3", - "resolved": "https://registry.npmjs.org/buffer/-/buffer-6.0.3.tgz", - "integrity": "sha512-FTiCpNxtwiZZHEZbcbTIcZjERVICn9yq/pDFkTl95/AxzD1naBctN7YO68riM/gLSDY7sdrMby8hofADYuuqOA==", - "dev": true, - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/feross" - }, - { - "type": "patreon", - "url": "https://www.patreon.com/feross" - }, - { - "type": "consulting", - "url": "https://feross.org/support" - } - ], - "dependencies": { - "base64-js": "^1.3.1", - "ieee754": "^1.2.1" - } - }, "node_modules/buffer-from": { "version": "1.1.2", "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", @@ -4620,26 +4584,6 @@ "node": ">=0.10.0" } }, - "node_modules/ieee754": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.2.1.tgz", - "integrity": "sha512-dcyqhDvX1C46lXZcVqCpK+FtMRQVdIMN6/Df5js2zouUsqG7I6sFxitIC+7KYK29KdXOLHdu9zL4sFnoVQnqaA==", - "dev": true, - "funding": [ - { - "type": "github", - "url": "https://github.com/sponsors/feross" - }, - { - "type": "patreon", - "url": "https://www.patreon.com/feross" - }, - { - "type": "consulting", - "url": "https://feross.org/support" - } - ] - }, "node_modules/ignore": { "version": "5.3.1", "resolved": "https://registry.npmjs.org/ignore/-/ignore-5.3.1.tgz", @@ -5899,12 +5843,6 @@ "node": ">=8.0" } }, - "node_modules/long": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/long/-/long-5.2.0.tgz", - "integrity": "sha512-9RTUNjK60eJbx3uz+TEGF7fUr29ZDxR5QzXcyDpeSfeH28S9ycINflOgOlppit5U+4kNTe83KQnMEerw7GmE8w==", - "dev": true - }, "node_modules/loose-envify": { "version": "1.4.0", "resolved": "https://registry.npmjs.org/loose-envify/-/loose-envify-1.4.0.tgz", 
@@ -7432,15 +7370,6 @@ "integrity": "sha512-E5LDX7Wrp85Kil5bhZv46j8jOeboKq5JMmYM3gVGdGH8xFpPWXUMsNrlODCrkoxMEeNi/XZIwuRvY4XNwYMJpw==", "dev": true }, - "node_modules/sha3": { - "version": "2.1.4", - "resolved": "https://registry.npmjs.org/sha3/-/sha3-2.1.4.tgz", - "integrity": "sha512-S8cNxbyb0UGUM2VhRD4Poe5N58gJnJsLJ5vC7FYWGUmGhcsj4++WaIOBFVDxlG0W3To6xBuiRh+i0Qp2oNCOtg==", - "dev": true, - "dependencies": { - "buffer": "6.0.3" - } - }, "node_modules/shebang-command": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", @@ -8707,17 +8636,6 @@ } }, "dependencies": { - "@asanrom/dilithium": { - "version": "1.1.0", - "resolved": "https://registry.npmjs.org/@asanrom/dilithium/-/dilithium-1.1.0.tgz", - "integrity": "sha512-BDzk5QmTfknoneVixJ6xotruqFB+bCYAMTzF14fwKIOrusFSpzJzIpTugvpWKovULcC+OxDwexobwB/BUlaIug==", - "dev": true, - "requires": { - "long": "5.2.0", - "randombytes": "2.1.0", - "sha3": "2.1.4" - } - }, "@babel/code-frame": { "version": "7.24.2", "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.24.2.tgz", @@ -9172,6 +9090,12 @@ "@jridgewell/sourcemap-codec": "^1.4.14" } }, + "@noble/ciphers": { + "version": "0.5.2", + "resolved": "https://registry.npmjs.org/@noble/ciphers/-/ciphers-0.5.2.tgz", + "integrity": "sha512-GADtQmZCdgbnNp+daPLc3OY3ibEtGGDV/+CzeM3MFnhiQ7ELQKlsHWYq0YbYUXx4jU3/Y1erAxU6r+hwpewqmQ==", + "dev": true + }, "@noble/curves": { "version": "1.4.0", "resolved": "https://registry.npmjs.org/@noble/curves/-/curves-1.4.0.tgz", 
@@ -9193,6 +9117,16 @@ "integrity": "sha512-V1JJ1WTRUqHHrOSh597hURcMqVKVGL/ea3kv0gSnEdsEZ0/+VyPghM1lMNGc00z7CIQorSvbKpuJkxvuHbvdbg==", "dev": true }, + "@noble/post-quantum": { + "version": "0.1.0", + "resolved": "https://registry.npmjs.org/@noble/post-quantum/-/post-quantum-0.1.0.tgz", + "integrity": "sha512-JG1K5NaeYr7hVzLdbtm0OYaNDbr95k2kxHFOyELuwQveRnfcoRNdHcHnG67XdxJuRVgsfs3ZWzjme4LIWaxVuw==", + "dev": true, + "requires": { + "@noble/ciphers": "0.5.2", + "@noble/hashes": "1.4.0" + } + }, "@nodelib/fs.scandir": { "version": "2.1.5", "resolved": "https://registry.npmjs.org/@nodelib/fs.scandir/-/fs.scandir-2.1.5.tgz", @@ -10031,12 +9965,6 @@ "integrity": "sha512-3oSeUO0TMV67hN1AmbXsK4yaqU7tjiHlbxRDZOpH0KW9+CeX4bRAaX0Anxt0tx2MrpRpWwQaPwIlISEJhYU5Pw==", "dev": true }, - "base64-js": { - "version": "1.5.1", - "resolved": "https://registry.npmjs.org/base64-js/-/base64-js-1.5.1.tgz", - "integrity": "sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA==", - "dev": true - }, "base64id": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/base64id/-/base64id-2.0.0.tgz", @@ -10175,16 +10103,6 @@ } } }, - "buffer": { - "version": "6.0.3", - "resolved": "https://registry.npmjs.org/buffer/-/buffer-6.0.3.tgz", - "integrity": "sha512-FTiCpNxtwiZZHEZbcbTIcZjERVICn9yq/pDFkTl95/AxzD1naBctN7YO68riM/gLSDY7sdrMby8hofADYuuqOA==", - "dev": true, - "requires": { - "base64-js": "^1.3.1", - "ieee754": "^1.2.1" - } - }, "buffer-from": { "version": "1.1.2", "resolved": "https://registry.npmjs.org/buffer-from/-/buffer-from-1.1.2.tgz", @@ -11975,12 +11893,6 @@ "safer-buffer": ">= 2.1.2 < 3" } }, - "ieee754": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/ieee754/-/ieee754-1.2.1.tgz", - "integrity": "sha512-dcyqhDvX1C46lXZcVqCpK+FtMRQVdIMN6/Df5js2zouUsqG7I6sFxitIC+7KYK29KdXOLHdu9zL4sFnoVQnqaA==", - "dev": true - }, "ignore": { "version": "5.3.1", "resolved": "https://registry.npmjs.org/ignore/-/ignore-5.3.1.tgz", 
@@ -12930,12 +12842,6 @@ "streamroller": "^3.1.5" } }, - "long": { - "version": "5.2.0", - "resolved": "https://registry.npmjs.org/long/-/long-5.2.0.tgz", - "integrity": "sha512-9RTUNjK60eJbx3uz+TEGF7fUr29ZDxR5QzXcyDpeSfeH28S9ycINflOgOlppit5U+4kNTe83KQnMEerw7GmE8w==", - "dev": true - }, "loose-envify": { "version": "1.4.0", "resolved": "https://registry.npmjs.org/loose-envify/-/loose-envify-1.4.0.tgz", @@ -14053,15 +13959,6 @@ "integrity": "sha512-E5LDX7Wrp85Kil5bhZv46j8jOeboKq5JMmYM3gVGdGH8xFpPWXUMsNrlODCrkoxMEeNi/XZIwuRvY4XNwYMJpw==", "dev": true }, - "sha3": { - "version": "2.1.4", - "resolved": "https://registry.npmjs.org/sha3/-/sha3-2.1.4.tgz", - "integrity": "sha512-S8cNxbyb0UGUM2VhRD4Poe5N58gJnJsLJ5vC7FYWGUmGhcsj4++WaIOBFVDxlG0W3To6xBuiRh+i0Qp2oNCOtg==", - "dev": true, - "requires": { - "buffer": "6.0.3" - } - }, "shebang-command": { "version": "2.0.0", "resolved": "https://registry.npmjs.org/shebang-command/-/shebang-command-2.0.0.tgz", diff --git a/package.json b/package.json index caad084961..d91a385494 100644 --- a/package.json +++ b/package.json @@ -65,7 +65,7 @@ "@noble/curves": "^1.4.0", "@noble/ed25519": "^1.7.3", "@noble/hashes": "^1.4.0", - "@asanrom/dilithium": "^1.1.0", + "@noble/post-quantum": "^0.1.0", "@openpgp/asmcrypto.js": "^3.1.0", "@openpgp/crystals-kyber-js": "^1.1.1", "@openpgp/jsdoc": "^3.6.11", diff --git a/src/crypto/public_key/post_quantum/signature/ml_dsa.js b/src/crypto/public_key/post_quantum/signature/ml_dsa.js index 55c1b0da8a..9ec6ef80ed 100644 --- a/src/crypto/public_key/post_quantum/signature/ml_dsa.js +++ b/src/crypto/public_key/post_quantum/signature/ml_dsa.js 
@@ -3,14 +3,8 @@ import enums from '../../../../enums';
 export async function generate(algo) {
 switch (algo) {
 case enums.publicKey.pqc_mldsa_ed25519: {
- const { DilithiumKeyPair, DilithiumLevel } = await import('@asanrom/dilithium');
-
- const level = DilithiumLevel.get(3);
- const keyPair = DilithiumKeyPair.generate(level);
-
- const mldsaSecretKey = keyPair.getPrivateKey().getBytes();
- const mldsaPublicKey = keyPair.getPublicKey().getBytes();
-
+ const { ml_dsa65 } = await import('@noble/post-quantum/ml-dsa');
+ const { secretKey: mldsaSecretKey, publicKey: mldsaPublicKey } = ml_dsa65.keygen();
 return { mldsaSecretKey, mldsaPublicKey };
 }
 default:
@@ -21,10 +15,8 @@ export async function generate(algo) {
 export async function sign(algo, mldsaSecretKey, dataDigest) {
 switch (algo) {
 case enums.publicKey.pqc_mldsa_ed25519: {
- const { DilithiumPrivateKey, DilithiumLevel } = await import('@asanrom/dilithium');
- const level = DilithiumLevel.get(3);
- const secretKey = DilithiumPrivateKey.fromBytes(mldsaSecretKey, level);
- const mldsaSignature = secretKey.sign(dataDigest).getBytes();
+ const { ml_dsa65 } = await import('@noble/post-quantum/ml-dsa');
+ const mldsaSignature = ml_dsa65.sign(mldsaSecretKey, dataDigest);
 return { mldsaSignature };
 }
 default:
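Review bot: `ml_dsa65.keygen()` in `generate` is called without a seed, so the randomness behind the ML-DSA key is whatever the library picks internally and nothing in this file shows it; a comment such as `// keygen() with no seed: key material depends on the library's internal CSPRNG` would make that explicit for auditors. The parameter set also moved from the explicit `DilithiumLevel.get(3)` into the identifier `ml_dsa65`, which deserves a line in a JSDoc block on `generate`. With the package at `^0.1.0` in a commit dated July 2024, the implementation presumably follows the draft rather than the final FIPS 204 encoding, so keys created here may not interoperate with later releases; that is worth recording next to the import. The end of `generate` is outside the hunk.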
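Review bot: `ml_dsa65.sign(mldsaSecretKey, dataDigest)` in the second hunk passes no randomness argument, so whether signatures come out deterministic or hedged is decided by the library default and cannot be read from this code. FIPS 204 treats hedged signing as the default and the deterministic variant as the one more exposed to fault and side-channel attacks, so the mode should be confirmed against the pinned version and recorded, e.g. `// signing mode (hedged vs deterministic) is the library default - confirm for the pinned version`. If the pinned version accepts caller-supplied randomness, passing it explicitly would remove the ambiguity. The secret key bytes also go to the library without a length check, so a malformed key is caught only if the library checks it. `sign` continues past the end of the hunk.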
@@ -35,11 +27,8 @@ export async function sign(algo, mldsaSecretKey, dataDigest) {
 export async function verify(algo, mldsaPublicKey, dataDigest, mldsaSignature) {
 switch (algo) {
 case enums.publicKey.pqc_mldsa_ed25519: {
- const { DilithiumPublicKey, DilithiumSignature, DilithiumLevel } = await import('@asanrom/dilithium');
- const level = DilithiumLevel.get(3);
- const publicKey = DilithiumPublicKey.fromBytes(mldsaPublicKey, level);
- const signature = DilithiumSignature.fromBytes(mldsaSignature, level);
- return publicKey.verifySignature(dataDigest, signature);
+ const { ml_dsa65 } = await import('@noble/post-quantum/ml-dsa');
+ return ml_dsa65.verify(mldsaPublicKey, dataDigest, mldsaSignature);
 }
 default:
 throw new Error('Unsupported signature algorithm');
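Review bot: The result of `ml_dsa65.verify(mldsaPublicKey, dataDigest, mldsaSignature)` is returned as-is, and the hunk does not show what happens when the public key or signature has the wrong length or type. The library may throw instead of returning `false`, and the removed `fromBytes` calls may have behaved differently. Whatever combines this result with the Ed25519 half of `pqc_mldsa_ed25519` needs one consistent outcome for a malformed signature, so tests with truncated and oversized signatures are worth adding. A JSDoc `@returns {Promise<boolean>}` should state whether malformed input rejects or resolves to `false`. The closing braces of `verify` are outside the hunk.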