search

bcgit / bc-java

Bouncy Castle Java Distribution (Mirror)
https://www.bouncycastle.org/java.html
MIT License
2.29k stars 1.13k forks source link

Dilithium3 signatures not compliant to fips204 Table 2. #1734

Closed alvesfonseca closed 2 months ago

alvesfonseca commented 3 months ago

NIST.FIPS.204.ipd.pdf

Hi,

I am experimenting with BC bcprov-jdk18on-1.78.1.jar and java-21-openjdk-amd64 and I am facing some issues regarding PQC signature primitives.

As an example, let's take a Dilithium3 signature. According to fips204 (Table 2), Dilithium3 signatures size in bytes should be 3293.

Captura de tela de 2024-07-05 09-29-02

Projects like liboqs are compliant to this table. However, BC seems to not follow the recommended constraints.

None of the test vectors on file bc-test-data/pqc/crypto/dilithium/PQCsignKAT_Dilithium3.rsp has signature size equals to 3293.

If you create a Root CA using EJBCA, the certificate has the following signature-related artifacts:

//        EJBCA
String msg = "30820897a00302010202147e83b8d0e76bbd078ec549d01f1739882f68ec78300d060b2b0601040102820b07060530163114301206035504030c0b44696c69746869756d4341301e170d3234303730333138313733335a170d3236303730333138313733325a30163114301206035504030c0b44696c69746869756d4341308207b4300d060b2b0601040102820b070605038207a100003db5adc569f3571fef6c5a9b38b52d862721ac54130f2efe4c4cc3e202179473f1dc8de883346f216566b0d8f32f4144f4d1551af0ca52a46926493566751ea659b079d98d31dca4a318cf1ac96e3c17e7e0f05336defb0dc6b659572cf696e4a5c32e95d2e830693730c5591f1533f048fa50c77329805fe07d745f5d6acb8306915526b5b67fda3f6a97e4933affe38897a1517d0b84558fab2b0ef951223a7402a38c43f6cec35b80afb46f0cd156d21dae190d297dd6295910bf7ffae250d093bf7044d7f06512df41a035b8459c232203ba21d741be5fdcc99e4e6f16e10185de4b8a32d2986dfe9096da53d288ad9eb4fdb2a277bf90d27eadae18fb5179a16d3b7841087523a55c2a583dc9e01165d9c681f91092dbfd9413122abd57c5daa1c3fdc2491310487c26e5f46ee5fccaa00ed5ebbf6090b2fa4e3025fea46d878e2f242882e225342f43907a39414569374e50393a1924eb71ca6c133bc0fcd9bdbd936770c0e20f96e27558baf42736a677a13e6c645d4f88e4214edb37921bb416944e0809063db5fa2314b443c8ead5dc36fb469820fcff2f9c7529db68328efe1426eda06fbf7dc7e9d41a885543684f6f50063992e025eeda9e17296dc799a77764f444bb43bc01d24dd568778c04ba21adc1ab980d9491226f17285a0cbe19bb21701fcf58393f3ad64179269b01f1761064174a7dff4689b9dac321f378f57758f28176acd57d45a03b2722faaa0bcc4da1e2d42414bb9fb695b829529eecfe8cf39f88a00d5e2abdca4b3c176d87078e4eda8fd65f6cf8d8f93e12994ccf158feba99ad6e2343721c64ca6f99678ae1ecb5bf77460e6322a77ab68a8c6d437ac9caeff270cb106984c5d7b7c1ba192b338ce9356217872aa3d168e62126bc10f3911aaa32382d419bb97e62c6833fa48843a36fcdc0f07bd4f31bc9b4244906b1e2e1a264efa9ba7f6e35a076242169f7b64fe9a1257c9ef3cef70ff18c4d69f4063b973a8916c07b6e2d2dbd25668037451e57b6bcd366d5b5ad22e7eaa58720289ce98e66001da85d7bc72822b5411d21d92a86a2ba9498f290d85b7024f02976e7a9543a331bbc1ebc005135c871b7ad3efc504aed0f718081d7d5ae11b3a898e4ddc3445f67aed1c442ab27cc53de83e003a4aa8d3e9c5e9beb1151aafef64215e0b3f1db178710a96527e7cb6bef2d6c7566719693be055fe6837253eb6e6c32ec8086e8db5e2cfc21676c597b59436653ade02177f39a723d7e6de47dc555493acc8e14f9797ec5b213fda4f85868b947e262b76bb2c7ea42e5bb1cfc55dc135b5a9b39bd4d6e06658a60db4d632f2efa4d79ecc76f7ee43cc6839f715fe2ac1a252aa541b440ca843f063ec3d06ddb25b1c484a9276a31636b557a1c42ee0526f73b4c21aa9408b7ebe9d87a6495341c47cbda57659aee5fc1bbcffed9dddf4a258cbe40f5b66b9b1a076b16d26dd0ff6d684d37eb7e3653c2426fbb979c854607c7b2b07e9172be84f008418254e71c643a0c74141b3ed6a75c41993f06c3ae6c18d3b4216674d45780718b184c4c092be360163a6288b8c74f2e2a0157f66f43b08dfc0277558c0ced5b496eb1ab77a5060aaa916fd56ef1351a9d04bd0c6f18f3284f102095c450d61221a96072dd31cc2e2f0f43fe3c7ff1ed4d89526954812a63614763f83b2996a8bb805b8c95a28194bf1e5faf749ba77f1a40379bf218e05b480e0d01ab9e59f0ebb9555429fd48731a8e64a46b2a9e8db9478adbada3489c2b19645ab2635b2e1847e2917bccc3535e6af6df2764f3b792eac5d19370988c1b650dba87c1429dd797bb8e67757472cf69fc3acdae96573fe072c6b12b7d5caff34234d60f1dffed3dae06c5092c44a9f35c5228de4f99087c5ebcfbea3da8018d619e8cd4f8fd0fcacc49bb2fbecc9aaed1f767d99d01517a081fcfdf12698646d99051880e4af7793ca9452d7bde1046476682bfeef1057c25ab3ef57b32e13a16164135bfe30cabde5dbe616a3b5c5db6342b5bcacb3a14a38e70c3898849108572472ef075185a97dd2526cb0532d35cd3dd1ddd4615b368fa6e3c76f2107a187567cd2fb3358fcd0c57fc4231b832dcdbb46c99c49e071865b2d4edcddf220e479383ca36d7427da6b0c72adba53600a860523d2c23a17e53315e22b13504823612d3e10e705f3d7c4a7079656e4e272aa828ec7197cf2a9b71f98b2394413dcbaec73656049e1f032a7782926f2703eab1c9f8276e338251bc1bffe7805d61e296df80945cc15351c1b27a68d5de76fd4a9d2cdd4cea981b508b783878ce8721f641e4830ad760a9d9b68512c80d847ad64b42ff25f95b15c7729f531693ad9122fb81babf7580b437deabe895bea5cfedff69f375633d9b968792f87b9680b60e24c7c446aa90aab08e87b7e7a448ce21b84b84ea2a60d72513de6425b735760f16d829b3adf9b86c2601766e02fd5d92507205d4612282705a3f6ddacad6afabd6e2e320b1f7c2558512c07b00ed71123cf7cb111a0cea25c1f093704f596e2e616e654b6fb579b0fe439d0a13204c878a26e6b2de198a31d27354f0b08a9eda4f8d025ccc95fd0c105a024955ceb8664d8a2004e9127ec1ac9664b566add880a0d29cf475140fc466cf451eca509c59bb67fbf3437c97407a13c26d341b9cab5451f543f481f6cb8103eaed9817b5da740d3034804453b3b6ce37e10fb2871178a28b75a073f1450635453a375a3633061300f0603551d130101ff040530030101ff301f0603551d23041830168014650342b3f2dac55c54ef78087cd3c0a05a1c1458301d0603551d0e04160414650342b3f2dac55c54ef78087cd3c0a05a1c1458300e0603551d0f0101ff040403020186";
String pk = "003db5adc569f3571fef6c5a9b38b52d862721ac54130f2efe4c4cc3e202179473f1dc8de883346f216566b0d8f32f4144f4d1551af0ca52a46926493566751ea659b079d98d31dca4a318cf1ac96e3c17e7e0f05336defb0dc6b659572cf696e4a5c32e95d2e830693730c5591f1533f048fa50c77329805fe07d745f5d6acb8306915526b5b67fda3f6a97e4933affe38897a1517d0b84558fab2b0ef951223a7402a38c43f6cec35b80afb46f0cd156d21dae190d297dd6295910bf7ffae250d093bf7044d7f06512df41a035b8459c232203ba21d741be5fdcc99e4e6f16e10185de4b8a32d2986dfe9096da53d288ad9eb4fdb2a277bf90d27eadae18fb5179a16d3b7841087523a55c2a583dc9e01165d9c681f91092dbfd9413122abd57c5daa1c3fdc2491310487c26e5f46ee5fccaa00ed5ebbf6090b2fa4e3025fea46d878e2f242882e225342f43907a39414569374e50393a1924eb71ca6c133bc0fcd9bdbd936770c0e20f96e27558baf42736a677a13e6c645d4f88e4214edb37921bb416944e0809063db5fa2314b443c8ead5dc36fb469820fcff2f9c7529db68328efe1426eda06fbf7dc7e9d41a885543684f6f50063992e025eeda9e17296dc799a77764f444bb43bc01d24dd568778c04ba21adc1ab980d9491226f17285a0cbe19bb21701fcf58393f3ad64179269b01f1761064174a7dff4689b9dac321f378f57758f28176acd57d45a03b2722faaa0bcc4da1e2d42414bb9fb695b829529eecfe8cf39f88a00d5e2abdca4b3c176d87078e4eda8fd65f6cf8d8f93e12994ccf158feba99ad6e2343721c64ca6f99678ae1ecb5bf77460e6322a77ab68a8c6d437ac9caeff270cb106984c5d7b7c1ba192b338ce9356217872aa3d168e62126bc10f3911aaa32382d419bb97e62c6833fa48843a36fcdc0f07bd4f31bc9b4244906b1e2e1a264efa9ba7f6e35a076242169f7b64fe9a1257c9ef3cef70ff18c4d69f4063b973a8916c07b6e2d2dbd25668037451e57b6bcd366d5b5ad22e7eaa58720289ce98e66001da85d7bc72822b5411d21d92a86a2ba9498f290d85b7024f02976e7a9543a331bbc1ebc005135c871b7ad3efc504aed0f718081d7d5ae11b3a898e4ddc3445f67aed1c442ab27cc53de83e003a4aa8d3e9c5e9beb1151aafef64215e0b3f1db178710a96527e7cb6bef2d6c7566719693be055fe6837253eb6e6c32ec8086e8db5e2cfc21676c597b59436653ade02177f39a723d7e6de47dc555493acc8e14f9797ec5b213fda4f85868b947e262b76bb2c7ea42e5bb1cfc55dc135b5a9b39bd4d6e06658a60db4d632f2efa4d79ecc76f7ee43cc6839f715fe2ac1a252aa541b440ca843f063ec3d06ddb25b1c484a9276a31636b557a1c42ee0526f73b4c21aa9408b7ebe9d87a6495341c47cbda57659aee5fc1bbcffed9dddf4a258cbe40f5b66b9b1a076b16d26dd0ff6d684d37eb7e3653c2426fbb979c854607c7b2b07e9172be84f008418254e71c643a0c74141b3ed6a75c41993f06c3ae6c18d3b4216674d45780718b184c4c092be360163a6288b8c74f2e2a0157f66f43b08dfc0277558c0ced5b496eb1ab77a5060aaa916fd56ef1351a9d04bd0c6f18f3284f102095c450d61221a96072dd31cc2e2f0f43fe3c7ff1ed4d89526954812a63614763f83b2996a8bb805b8c95a28194bf1e5faf749ba77f1a40379bf218e05b480e0d01ab9e59f0ebb9555429fd48731a8e64a46b2a9e8db9478adbada3489c2b19645ab2635b2e1847e2917bccc3535e6af6df2764f3b792eac5d19370988c1b650dba87c1429dd797bb8e67757472cf69fc3acdae96573fe072c6b12b7d5caff34234d60f1dffed3dae06c5092c44a9f35c5228de4f99087c5ebcfbea3da8018d619e8cd4f8fd0fcacc49bb2fbecc9aaed1f767d99d01517a081fcfdf12698646d99051880e4af7793ca9452d7bde1046476682bfeef1057c25ab3ef57b32e13a16164135bfe30cabde5dbe616a3b5c5db6342b5bcacb3a14a38e70c3898849108572472ef075185a97dd2526cb0532d35cd3dd1ddd4615b368fa6e3c76f2107a187567cd2fb3358fcd0c57fc4231b832dcdbb46c99c49e071865b2d4edcddf220e479383ca36d7427da6b0c72adba53600a860523d2c23a17e53315e22b13504823612d3e10e705f3d7c4a7079656e4e272aa828ec7197cf2a9b71f98b2394413dcbaec73656049e1f032a7782926f2703eab1c9f8276e338251bc1bffe7805d61e296df80945cc15351c1b27a68d5de76fd4a9d2cdd4cea981b508b783878ce8721f641e4830ad760a9d9b68512c80d847ad64b42ff25f95b15c7729f531693ad9122fb81babf7580b437deabe895bea5cfedff69f375633d9b968792f87b9680b60e24c7c446aa90aab08e87b7e7a448ce21b84b84ea2a60d72513de6425b735760f16d829b3adf9b86c2601766e02fd5d92507205d4612282705a3f6ddacad6afabd6e2e320b1f7c2558512c07b00ed71123cf7cb111a0cea25c1f093704f596e2e616e654b6fb579b0fe439d0a13204c878a26e6b2de198a31d27354f0b08a9eda4f8d025ccc95fd0c105a024955ceb8664d8a2004e9127ec1ac9664b566add880a0d29cf475140fc466cf451eca509c59bb67fbf3437c97407a13c26d341b9cab5451f543f481f6cb8103eaed9817b5da740d3034804453b3b6ce37e10fb2871178a28b75a073f1450635453a375";
String sigGenerated = "5002278ca89b884af27497219a64f030473eb4cf77a626735f06db65503834856a2117a9e2a29372a92159cd9145f7a5caa5d67468c071778945d3742d420d797665433d08763d377c90a25e250d1cfeadcb126054420d06400abfe77743efbbf50708bb0b801b495601dcaa3eed27366d3ace53f34c93772578f877098c25674edbc7aae487cedb0787f4dcbf60bf465667543d80440e2acfc21475825308805c9b5f9b29ffac8522e7f220048924035797e65eacfcc09658885345d85a9d259ab0abba4898d726b08de474cedf608f765428a1de5c0fe7b7655041868ddc6c6ea52c0101c500ce9d3f4db1e6f7a4ef389036366adfee8e4fffac5104e9dfd5ef12744d5ae866b0ee79640e3db26b1e620b681069ffb6fff1c160f610a713c890d45cf382fcdb2d5f822ecb180d6ca7f86d2a33d0217dd798bd695acccdd32d4f37eb2876af4fcf0bcf5f8b90eec5ea3db19b6d50d169e7d5de843c0bbfac76e42db3224aeb6804695d4a33d73aebe39b34171accfc75cca40589b0a7d709853e7e79b185ef777270399b3577cd5a809f80d7eceab90be1903ae8665ed8a2f0f818da91d4454be92199f403014cf8b83a932d77a91af86ee640ed8356d4f36af74619c71674148f1843bc2b28676a0fea85dbaa6c6a7d8a4923868e27ade9bb23a159fb8fb3abf24cc3529580e3f682abf57198d0662ec8a51de4916d63d756e49b875815ef23c1656c1bbdca148c896a81ab94127ab154285ca3e619d20a8aae52f84c1d0fcab434f6d652700d541592e4a3243f98e8094e4bc6e132f54a9d9866c63346af0e3128fa785db7bdbae12b7243de060b017ac2eeae34ef09f54d01a985cdadc8612635b96ef4dabc86a08fa652417ccaa201702bf411e88ee5ef21003dfa2f1ee6de085693a1554060da937906604b80fd3ef22f3a75356fdfb7aec9af1f443f5cd39249bb83787ee07d86ff80b749936241128e91697ef435d3b4177602f8f5dfd74d57a0b7c696cb0677cd613cd9bc371ec102e78c2ec54fd90f4ca0f3e1fe651a6cb8be263b2886b687255bbd35716ea1ddda73867e9ac21ae215ec2dde683ab24975f66968e8a1d3c56f988bf2f51c618850d04b4e98d39854c4e088434b28263fbd61079d36f85678c070bf11a2c609a045454f8b7028915440034fd178eaa79fdc7d40e1c1eb582de67d6e65cc6fd90684047da4805b8810b1eb1fc6abc988238c643204c925fc317713a84be6917bc135a7d337fd905f12a15ced1b893550213441916f5fdfde9a856f0920b7668ed3cdbf40ea4c4b5091caf1525cefa8727ef57bc6cc009aa1f6705e9e9c4f0137e571d1651b1f7405862b54bd617aa427ff55b454f5134c819faf5704784f0c09e759bca23767ab2ea4621a475d32a34683081a8aef4e2a708cd13a3f8d406f016a89d638c5d33e5e2ab6356cf6c31bce73c5319380e9003bc978c6953de279fa86ad3149d079562ec0defda5ee300c934188d28cd1edd98dc69d8723da6e2ad9299854da098b2b270c21b52546c07acc00cdd6c701a69a77cb680efbbc7c8cab763639774dcc9d0fe5a4fdeb5d632749f4b353417a211c97a9d47bd4c8e1003d726ee7e439b88f285fab0298b28feab115a7f46147bf783ece28355a28f8972e86fed8cad6246b48deb82d8512c3463fe4c284e55a5d8cedb94e20996642214d3d5978284accb19686a73b4e53b5801f18b550d8c7cdb775511dad5c5d2867714ddb41a3a06f6e6237b89811c7188843778a094cd75565904fbbf3952e7de8064d899fd628935032a07d525c868173f16b00323687854ea041dc29f798953fc87f8e949de639ca09bc907ba3ee5bbb3c3e6334ae12993972dd4f9f46d8497facdd6e043dafd81c0b37b04e124d0e04ac12d2d551cc39a5a8e6b4bed155082f2fab805219d2d9f5fe4e65758a198786121018a930fa47eaaeb0486c4871d13b5202c9b40a9b748e17e7ac2e152d94ba63faa068e340e91eda4ab7eb9d39b9cc141b7464cc986173e1f60959f58f83f0578eb55cf3ab0114faec9150c3a08491650ef181fcc1722befa619b1a993e5680a77bad672a609335f4b423b290e7cf14828dd02a66ba80fe91f7cc974e64208ce82b45b6710ce04f129f0d76cff77f6e187f48960ca47bc43232a845b1a242942a695a61b69f27a4dbc6f3c5edadd5595fc5ad21bf70b6b079e42bc48d795aa83743c9dc66d18cf98e6008f5cbc078b40d01a6484eeb57c121f782972db1961135739b724b031c92b28ba1b903f70d7f47df234e1d8c8451fcde9bdcda1307b33741fa708f0607d41ae15b1faba1ee2188526f4dabab6ae600cb71a1f3f610f6bb908e9413ed970d9a21c47534b2da553fbb5c85fdcafcda2fc4f9432d5f96b2986d54fcf695a394c81498605e55763bc1a9c219896596be73431ce3922a85989d9f7c359dc06fe907f69d6cf64186d77f6d153d700304b430c10e6820de310fca445178991554014233659bf98bb6b9b4769fea5205ce3988b1d780cea58b48f441b797a992e6e3fee3e2bf9adf3388e8035a67e27926e9bbdd84338d25a33d3d34812fe8d4e1e249bb2a478405ccb3e6699cebb8cedab3464aace6d28b75fed95b199672a3bf704de91b6a57359d0a53f788dbb5ad4654e12f6026b24c421ed629da400498eee6633256084170c24a2f61543726a2b349a8098f313c739d76e53ee1c0b4d7898f724a252022aaefe51e465729a57abd9c692bf3edfc17597446675478f8931df62a98dc7da2e0904a3640bcb9d0f61123e2797490b8c5276d2b9b385f620194fd7d35843e66fd67db49d8a789cb95f35b007f8d41acf7c824bfd9a1d600fece45b793aa15d2e7fe75b7fcbbd81e36b53dde1c70ef9ee112b8c6be43879ba66a6a6c626d42a8356c73e7e020822515131fca89fc24b7cc79ebbd8c89b6cce63af1bcf245ea7d4af39dcf634afd3da1d815bb53ab224d100078141663d03029b9e70b73369699b1cfd9772b9d73df6937ef1f2b2fb9ac9c51e5dfecd949c465a8579bdf03f1d8c1c662c9ac247d106e9cfb491e3f69082a05c3fdef79655c8cd8c8a49ddf01650071c8b9b9e5b1a847fbbc1d82ea63601d0377a12df08ee6b79ec74a222ffa0acaec8a22aa7737d328f1452a1a1268ee5981ff15070b49567b78311b85678499a7a3649e27d1bc36d551d9fb7f36f0e8c47af2dc2f5e4ed772de4249974605c60c42c1e7e2e20ede3cb041f370b2d4c68b62d42cf5516b79e0269f7f03479f13621798da5a480fe7e92d6ae8178d63add657906649f7aa2f93362dff5ec5433ae240b9fc3cf0b59ab2e989ecdc6a18a9f416cf64be8e6064105cdc683c8d4cd2feaa71c9b7dd8ca8c9aab0076ad6ccbe065df162df50cf323653355de548e573a4cbd3ad36642462d87808a05df6a9d230b96b0a9c64de25ef3fb593314f9187eea04c5ebda07c7c2e03ee77fbd50ecc5e4ce67225f84aadfde5fdb5613b88b07b27040b7671395d1bf781013b0c00101451b18af2dabe4ddf28b39522862ba55dcea8607fc1e6548eac4bab115886af10fbfaddf1e66cafceb0cd6e1ddf92c301d8f82ea92e0eb9a31769517573623950518aa2e80ae08dffb8377e3dc00f541ee8f0781cc9ec6b8021093dd08dfbf93e31f87240518bae02bd8bdd470202be691d4a87bb8c125981212651a1c780d640930921606b77bed1dc4b494edf81e5197af1657404812053e7bfa4839e2fe814937252c1d6a5a05c982a19d6e2eba1be7b7ea3a45d7d267c90f278e3406172864fc46fc8ababe4222ff8941900623fb8b619d977a970811741b2c6d028c72e4d988c90510f41108a275752fb13df957056b15885f2bee0340c94419cb33bd085edc323833f3fe1adbc261bedffc6dee19ff37255501f63f52bc055147c238dc0bc31bd1966635b69726972fda98c24715fcb00a706f6a3e28c2fe0bacd48b11521c0681f690ee84b66db9db581c03acdea4d872da27b12e48a087214a1a958f292254f362ceb33218bc2df2525faa027830343716b8c1633cb0be753758be5071ec0bfe97264bfa67e273735f9d95f4744558b470774946a676b1e304ba9f6195d8407a73fc1a90cce88cde663622cffa2d5fbacbcb33ab0b9f48032fc741f2edb8c57d53e063c216fce9fae74018539015f8f046b5d5d8690a2fe88fc051cfaae176c43c94c35fee420082751060e058b53f7d48de8ae032b3b25410830da55eace4da400ecbd37ef5794168c27a784db80e566d689d94922c0c610eaabb8d62b9edd57a67f62f0496c4537640416b8a8994472a03ea4123b21a4adabc81e152fffbac17f92ca88ea03349d12abc398effd8c381d81b13ffac3085d8825494e93d5642e9b7dc33117c416883b3d9c6da3ead441f54df8bd27ba780d265c827d65edbb816e6f984e1e2ccf0dce0f346f46de44720cd92076f32c0dc3cbbafe94ab07ed1ace21835b56e0d6360379fd130f72927788178ddb585e730eb30b537dcaa0e5909fd6f3654cf9b19d19e3be399cd7a409f9644250ea46145738e99a2a9cde5eef636587391b8ea182dbae914237382a83e465b8cb4c7cbdbfe010b12488adfe4ee000000000000000000000000000a101419222a";

liboqs is able to verify this signature, however BC rejects it.

The procedure I took to verify on BC was:


    //...

    public static boolean verifyDilithiumSignature(
        PublicKey dilPublic, byte[] input, byte[] encSignature)
        throws GeneralSecurityException
    {
        Signature signature = Signature.getInstance("Dilithium", "BCPQC");

        signature.initVerify(dilPublic);

        signature.update(input);

        return signature.verify(encSignature);
    }

    //... Main
    { 
        Security.addProvider(new BouncyCastlePQCProvider());

        // pk, msg and sigGenerated were defined above

        DilithiumPublicKeyParameters pubParams = new DilithiumPublicKeyParameters(DilithiumParameters.dilithium3, Hex.decode(pk));

        PublicKey pubKey = new BCDilithiumPublicKey(pubParams);

        System.out.println("Dilithium verified pubKey and verifyDilithiumSignature(): " + verifyDilithiumSignature(
                pubKey, Hex.decode(msg),
                Hex.decode(sigGenerated)));            

        // verify
        DilithiumSigner verifier = new DilithiumSigner();

        verifier.init(false, pubParams);

        boolean vrfyrespass = verifier.verifySignature(Hex.decode(msg), Hex.decode(sigGenerated));

        System.out.println("Dilithium verified DilithiumSigner(): " + vrfyrespass );

    }

I validated this procedure using a BCgenerated key pair:

    public static KeyPair generateDilithiumKeyPair(
        DilithiumParameterSpec dilithiumPlusParameterSpec)
        throws GeneralSecurityException
    {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("Dilithium", "BCPQC");
        kpg.initialize(dilithiumPlusParameterSpec, new SecureRandom());

        return kpg.generateKeyPair();
    }

    /// MAIN...
    {
        Security.addProvider(new BouncyCastlePQCProvider());

        KeyPair dilKp = generateDilithiumKeyPair(
                                    DilithiumParameterSpec.dilithium3);

        byte[] dilithiumSignature = generateDilithiumSignature(
                dilKp.getPrivate(), Hex.decode(msg));

        // ALERT: dilithiumSignature is a 3309-bytes array
        System.out.println("Dilithium verified: " + verifyDilithiumSignature(
                dilKp.getPublic(), Hex.decode(msg),
                                                         dilithiumSignature));

    }

The dilithiumSignature array has 3309 bytes (should be 3293, i.e. it has 16 more bytes) and is verified.

Why EJBCA follows the Table 2 parameters but BC is not able to verify the signature?

alvesfonseca commented 3 months ago

The Dilithium3 RootCA Certificate (from EJBCA).

-----BEGIN CERTIFICATE-----
MIIVjDCCCJegAwIBAgIUfoO40OdrvQeOxUnQHxc5iC9o7HgwDQYLKwYBBAECggsH
BgUwFjEUMBIGA1UEAwwLRGlsaXRoaXVtQ0EwHhcNMjQwNzAzMTgxNzMzWhcNMjYw
NzAzMTgxNzMyWjAWMRQwEgYDVQQDDAtEaWxpdGhpdW1DQTCCB7QwDQYLKwYBBAEC
ggsHBgUDggehAAA9ta3FafNXH+9sWps4tS2GJyGsVBMPLv5MTMPiAheUc/HcjeiD
NG8hZWaw2PMvQUT00VUa8MpSpGkmSTVmdR6mWbB52Y0x3KSjGM8ayW48F+fg8FM2
3vsNxrZZVyz2luSlwy6V0ugwaTcwxVkfFTPwSPpQx3MpgF/gfXRfXWrLgwaRVSa1
tn/aP2qX5JM6/+OIl6FRfQuEVY+rKw75USI6dAKjjEP2zsNbgK+0bwzRVtIdrhkN
KX3WKVkQv3/64lDQk79wRNfwZRLfQaA1uEWcIyIDuiHXQb5f3MmeTm8W4QGF3kuK
MtKYbf6QltpT0oitnrT9sqJ3v5DSfq2uGPtReaFtO3hBCHUjpVwqWD3J4BFl2caB
+RCS2/2UExIqvVfF2qHD/cJJExBIfCbl9G7l/MqgDtXrv2CQsvpOMCX+pG2Hji8k
KILiJTQvQ5B6OUFFaTdOUDk6GSTrccpsEzvA/Nm9vZNncMDiD5bidVi69Cc2pneh
PmxkXU+I5CFO2zeSG7QWlE4ICQY9tfojFLRDyOrV3Db7Rpgg/P8vnHUp22gyjv4U
Ju2gb799x+nUGohVQ2hPb1AGOZLgJe7anhcpbceZp3dk9ES7Q7wB0k3VaHeMBLoh
rcGrmA2UkSJvFyhaDL4ZuyFwH89YOT861kF5JpsB8XYQZBdKff9GibnawyHzePV3
WPKBdqzVfUWgOyci+qoLzE2h4tQkFLuftpW4KVKe7P6M85+IoA1eKr3KSzwXbYcH
jk7aj9ZfbPjY+T4SmUzPFY/rqZrW4jQ3IcZMpvmWeK4ey1v3dGDmMip3q2ioxtQ3
rJyu/ycMsQaYTF17fBuhkrM4zpNWIXhyqj0WjmISa8EPORGqoyOC1Bm7l+YsaDP6
SIQ6NvzcDwe9TzG8m0JEkGseLhomTvqbp/bjWgdiQhafe2T+mhJXye8873D/GMTW
n0BjuXOokWwHtuLS29JWaAN0UeV7a802bVta0i5+qlhyAonOmOZgAdqF17xygitU
EdIdkqhqK6lJjykNhbcCTwKXbnqVQ6Mxu8HrwAUTXIcbetPvxQSu0PcYCB19WuEb
OomOTdw0RfZ67RxEKrJ8xT3oPgA6SqjT6cXpvrEVGq/vZCFeCz8dsXhxCpZSfny2
vvLWx1ZnGWk74FX+aDclPrbmwy7ICG6NteLPwhZ2xZe1lDZlOt4CF385pyPX5t5H
3FVUk6zI4U+Xl+xbIT/aT4WGi5R+Jit2uyx+pC5bsc/FXcE1tamzm9TW4GZYpg20
1jLy76TXnsx29+5DzGg59xX+KsGiUqpUG0QMqEPwY+w9Bt2yWxxISpJ2oxY2tVeh
xC7gUm9ztMIaqUCLfr6dh6ZJU0HEfL2ldlmu5fwbvP/tnd30oljL5A9bZrmxoHax
bSbdD/bWhNN+t+NlPCQm+7l5yFRgfHsrB+kXK+hPAIQYJU5xxkOgx0FBs+1qdcQZ
k/BsOubBjTtCFmdNRXgHGLGExMCSvjYBY6Yoi4x08uKgFX9m9DsI38AndVjAztW0
lusat3pQYKqpFv1W7xNRqdBL0MbxjzKE8QIJXEUNYSIalgct0xzC4vD0P+PH/x7U
2JUmlUgSpjYUdj+Dsplqi7gFuMlaKBlL8eX690m6d/GkA3m/IY4FtIDg0Bq55Z8O
u5VVQp/UhzGo5kpGsqno25R4rbraNInCsZZFqyY1suGEfikXvMw1NeavbfJ2Tzt5
LqxdGTcJiMG2UNuofBQp3Xl7uOZ3V0cs9p/DrNrpZXP+ByxrErfVyv80I01g8d/+
09rgbFCSxEqfNcUijeT5kIfF68++o9qAGNYZ6M1Pj9D8rMSbsvvsyartH3Z9mdAV
F6CB/P3xJphkbZkFGIDkr3eTypRS173hBGR2aCv+7xBXwlqz71ezLhOhYWQTW/4w
yr3l2+YWo7XF22NCtbyss6FKOOcMOJiEkQhXJHLvB1GFqX3SUmywUy01zT3R3dRh
WzaPpuPHbyEHoYdWfNL7M1j80MV/xCMbgy3Nu0bJnEngcYZbLU7c3fIg5Hk4PKNt
dCfaawxyrbpTYAqGBSPSwjoX5TMV4isTUEgjYS0+EOcF89fEpweWVuTicqqCjscZ
fPKptx+YsjlEE9y67HNlYEnh8DKneCkm8nA+qxyfgnbjOCUbwb/+eAXWHilt+AlF
zBU1HBsnpo1d52/UqdLN1M6pgbUIt4OHjOhyH2QeSDCtdgqdm2hRLIDYR61ktC/y
X5WxXHcp9TFpOtkSL7gbq/dYC0N96r6JW+pc/t/2nzdWM9m5aHkvh7loC2DiTHxE
aqkKqwjoe356RIziG4S4TqKmDXJRPeZCW3NXYPFtgps635uGwmAXZuAv1dklByBd
RhIoJwWj9t2srWr6vW4uMgsffCVYUSwHsA7XESPPfLERoM6iXB8JNwT1luLmFuZU
tvtXmw/kOdChMgTIeKJuay3hmKMdJzVPCwip7aT40CXMyV/QwQWgJJVc64Zk2KIA
TpEn7BrJZktWat2ICg0pz0dRQPxGbPRR7KUJxZu2f780N8l0B6E8JtNBucq1RR9U
P0gfbLgQPq7ZgXtdp0DTA0gERTs7bON+EPsocReKKLdaBz8UUGNUU6N1o2MwYTAP
BgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFGUDQrPy2sVcVO94CHzTwKBaHBRY
MB0GA1UdDgQWBBRlA0Kz8trFXFTveAh808CgWhwUWDAOBgNVHQ8BAf8EBAMCAYYw
DQYLKwYBBAECggsHBgUDggzeAFACJ4yom4hK8nSXIZpk8DBHPrTPd6Ymc18G22VQ
ODSFaiEXqeKik3KpIVnNkUX3pcql1nRowHF3iUXTdC1CDXl2ZUM9CHY9N3yQol4l
DRz+rcsSYFRCDQZACr/nd0Pvu/UHCLsLgBtJVgHcqj7tJzZtOs5T80yTdyV4+HcJ
jCVnTtvHquSHztsHh/Tcv2C/RlZnVD2ARA4qz8IUdYJTCIBcm1+bKf+shSLn8iAE
iSQDV5fmXqz8wJZYiFNF2FqdJZqwq7pImNcmsI3kdM7fYI92VCih3lwP57dlUEGG
jdxsbqUsAQHFAM6dP02x5vek7ziQNjZq3+6OT/+sUQTp39XvEnRNWuhmsO55ZA49
smseYgtoEGn/tv/xwWD2EKcTyJDUXPOC/NstX4IuyxgNbKf4bSoz0CF915i9aVrM
zdMtTzfrKHavT88Lz1+LkO7F6j2xm21Q0Wnn1d6EPAu/rHbkLbMiSutoBGldSjPX
OuvjmzQXGsz8dcykBYmwp9cJhT5+ebGF73dycDmbNXfNWoCfgNfs6rkL4ZA66GZe
2KLw+BjakdRFS+khmfQDAUz4uDqTLXepGvhu5kDtg1bU82r3RhnHFnQUjxhDvCso
Z2oP6oXbqmxqfYpJI4aOJ63puyOhWfuPs6vyTMNSlYDj9oKr9XGY0GYuyKUd5JFt
Y9dW5JuHWBXvI8FlbBu9yhSMiWqBq5QSerFUKFyj5hnSCoquUvhMHQ/KtDT21lJw
DVQVkuSjJD+Y6AlOS8bhMvVKnZhmxjNGrw4xKPp4Xbe9uuErckPeBgsBesLurjTv
CfVNAamFza3IYSY1uW702ryGoI+mUkF8yqIBcCv0EeiO5e8hAD36Lx7m3ghWk6FV
QGDak3kGYEuA/T7yLzp1NW/ft67Jrx9EP1zTkkm7g3h+4H2G/4C3SZNiQRKOkWl+
9DXTtBd2Avj139dNV6C3xpbLBnfNYTzZvDcewQLnjC7FT9kPTKDz4f5lGmy4viY7
KIa2hyVbvTVxbqHd2nOGfprCGuIV7C3eaDqySXX2aWjoodPFb5iL8vUcYYhQ0EtO
mNOYVMTgiENLKCY/vWEHnTb4VnjAcL8RosYJoEVFT4twKJFUQANP0Xjqp5/cfUDh
wetYLeZ9bmXMb9kGhAR9pIBbiBCx6x/Gq8mII4xkMgTJJfwxdxOoS+aRe8E1p9M3
/ZBfEqFc7RuJNVAhNEGRb1/f3pqFbwkgt2aO082/QOpMS1CRyvFSXO+ocn71e8bM
AJqh9nBenpxPATflcdFlGx90BYYrVL1heqQn/1W0VPUTTIGfr1cEeE8MCedZvKI3
Z6supGIaR10yo0aDCBqK704qcIzROj+NQG8BaonWOMXTPl4qtjVs9sMbznPFMZOA
6QA7yXjGlT3iefqGrTFJ0HlWLsDe/aXuMAyTQYjSjNHt2Y3GnYcj2m4q2SmYVNoJ
iysnDCG1JUbAeswAzdbHAaaad8toDvu8fIyrdjY5d03MnQ/lpP3rXWMnSfSzU0F6
IRyXqdR71MjhAD1ybufkObiPKF+rApiyj+qxFaf0YUe/eD7OKDVaKPiXLob+2MrW
JGtI3rgthRLDRj/kwoTlWl2M7blOIJlmQiFNPVl4KErMsZaGpztOU7WAHxi1UNjH
zbd1UR2tXF0oZ3FN20GjoG9uYje4mBHHGIhDd4oJTNdVZZBPu/OVLn3oBk2Jn9Yo
k1AyoH1SXIaBc/FrADI2h4VOoEHcKfeYlT/If46UneY5ygm8kHuj7lu7PD5jNK4S
mTly3U+fRthJf6zdbgQ9r9gcCzewThJNDgSsEtLVUcw5pajmtL7RVQgvL6uAUhnS
2fX+TmV1ihmHhhIQGKkw+kfqrrBIbEhx0TtSAsm0Cpt0jhfnrC4VLZS6Y/qgaONA
6R7aSrfrnTm5zBQbdGTMmGFz4fYJWfWPg/BXjrVc86sBFPrskVDDoISRZQ7xgfzB
civvphmxqZPlaAp3utZypgkzX0tCOykOfPFIKN0CpmuoD+kffMl05kIIzoK0W2cQ
zgTxKfDXbP939uGH9Ilgyke8QyMqhFsaJClCppWmG2nyek28bzxe2t1Vlfxa0hv3
C2sHnkK8SNeVqoN0PJ3GbRjPmOYAj1y8B4tA0BpkhO61fBIfeCly2xlhE1c5tySw
MckrKLobkD9w1/R98jTh2MhFH83pvc2hMHszdB+nCPBgfUGuFbH6uh7iGIUm9Nq6
tq5gDLcaHz9hD2u5COlBPtlw2aIcR1NLLaVT+7XIX9yvzaL8T5Qy1flrKYbVT89p
WjlMgUmGBeVXY7wanCGYlllr5zQxzjkiqFmJ2ffDWdwG/pB/adbPZBhtd/bRU9cA
MEtDDBDmgg3jEPykRReJkVVAFCM2Wb+Yu2ubR2n+pSBc45iLHXgM6li0j0QbeXqZ
Lm4/7j4r+a3zOI6ANaZ+J5Jum73YQzjSWjPT00gS/o1OHiSbsqR4QFzLPmaZzruM
7as0ZKrObSi3X+2VsZlnKjv3BN6RtqVzWdClP3iNu1rUZU4S9gJrJMQh7WKdpABJ
ju5mMyVghBcMJKL2FUNyais0moCY8xPHOdduU+4cC014mPckolICKq7+UeRlcppX
q9nGkr8+38F1l0RmdUePiTHfYqmNx9ouCQSjZAvLnQ9hEj4nl0kLjFJ20rmzhfYg
GU/X01hD5m/WfbSdinicuV81sAf41BrPfIJL/ZodYA/s5Ft5OqFdLn/nW3/LvYHj
a1Pd4ccO+e4RK4xr5Dh5umampsYm1CqDVsc+fgIIIlFRMfyon8JLfMeeu9jIm2zO
Y68bzyRep9SvOdz2NK/T2h2BW7U6siTRAAeBQWY9AwKbnnC3M2lpmxz9l3K51z32
k37x8rL7msnFHl3+zZScRlqFeb3wPx2MHGYsmsJH0Qbpz7SR4/aQgqBcP973llXI
zYyKSd3wFlAHHIubnlsahH+7wdgupjYB0Dd6Et8I7mt57HSiIv+grK7Ioiqnc30y
jxRSoaEmjuWYH/FQcLSVZ7eDEbhWeEmaejZJ4n0bw21VHZ+3828OjEevLcL15O13
LeQkmXRgXGDELB5+LiDt48sEHzcLLUxoti1Cz1UWt54CaffwNHnxNiF5jaWkgP5+
ktaugXjWOt1leQZkn3qi+TNi3/XsVDOuJAufw88LWasumJ7NxqGKn0Fs9kvo5gZB
Bc3Gg8jUzS/qpxybfdjKjJqrAHatbMvgZd8WLfUM8yNlM1XeVI5XOky9OtNmQkYt
h4CKBd9qnSMLlrCpxk3iXvP7WTMU+Rh+6gTF69oHx8LgPud/vVDsxeTOZyJfhKrf
3l/bVhO4iweycEC3ZxOV0b94EBOwwAEBRRsYry2r5N3yizlSKGK6Vdzqhgf8HmVI
6sS6sRWIavEPv63fHmbK/OsM1uHd+SwwHY+C6pLg65oxdpUXVzYjlQUYqi6Argjf
+4N349wA9UHujweBzJ7GuAIQk90I37+T4x+HJAUYuuAr2L3UcCAr5pHUqHu4wSWY
EhJlGhx4DWQJMJIWBrd77R3EtJTt+B5Rl68WV0BIEgU+e/pIOeL+gUk3JSwdaloF
yYKhnW4uuhvnt+o6RdfSZ8kPJ440BhcoZPxG/Iq6vkIi/4lBkAYj+4thnZd6lwgR
dBssbQKMcuTZiMkFEPQRCKJ1dS+xPflXBWsViF8r7gNAyUQZyzO9CF7cMjgz8/4a
28Jhvt/8be4Z/zclVQH2P1K8BVFHwjjcC8Mb0ZZmNbaXJpcv2pjCRxX8sApwb2o+
KML+C6zUixFSHAaB9pDuhLZtudtYHAOs3qTYctonsS5IoIchShqVjykiVPNizrMy
GLwt8lJfqgJ4MDQ3FrjBYzywvnU3WL5QcewL/pcmS/pn4nNzX52V9HRFWLRwd0lG
pnax4wS6n2GV2EB6c/wakMzojN5mNiLP+i1fusvLM6sLn0gDL8dB8u24xX1T4GPC
Fvzp+udAGFOQFfjwRrXV2GkKL+iPwFHPquF2xDyUw1/uQgCCdRBg4Fi1P31I3org
MrOyVBCDDaVerOTaQA7L0371eUFownp4TbgOVm1onZSSLAxhDqq7jWK57dV6Z/Yv
BJbEU3ZAQWuKiZRHKgPqQSOyGkravIHhUv/7rBf5LKiOoDNJ0Sq8OY7/2MOB2BsT
/6wwhdiCVJTpPVZC6bfcMxF8QWiDs9nG2j6tRB9U34vSe6eA0mXIJ9Ze27gW5vmE
4eLM8Nzg80b0beRHIM2SB28ywNw8u6/pSrB+0aziGDW1bg1jYDef0TD3KSd4gXjd
tYXnMOswtTfcqg5ZCf1vNlTPmxnRnjvjmc16QJ+WRCUOpGFFc46ZoqnN5e72Nlhz
kbjqGC266RQjc4KoPkZbjLTHy9v+AQsSSIrf5O4AAAAAAAAAAAAAAAAAChAUGSIq
-----END CERTIFICATE-----
roy-basmacier commented 2 months ago

Hello @alvesfonseca ,

https://github.com/bcgit/bc-java/issues/1597 covers why the table values do not match. We've also updated Dilithium in b44ecfedb1d1c6e934885d8ba5f0c6dc168af189 to match NIST's ACVP test server (They haven't released the updated version of FIPS 204, but they did announce some changes they applied in the 5th PQC Standardization Conference presentation). This changes the signature values for Dilithium3 and Dilithium5.

alvesfonseca commented 2 months ago

@roy-basmacier , thank you!

I would create another issue, but I will reuse this one.

What about EJBCA (bcprov-jdk18on-175) signatures not verified by BC bcprov-jdk18on-1.78.1.jar?

//        EJBCA
String msg = "30820897a00302010202147e83b8d0e76bbd078ec549d01f1739882f68ec78300d060b2b0601040102820b07060530163114301206035504030c0b44696c69746869756d4341301e170d3234303730333138313733335a170d3236303730333138313733325a30163114301206035504030c0b44696c69746869756d4341308207b4300d060b2b0601040102820b070605038207a100003db5adc569f3571fef6c5a9b38b52d862721ac54130f2efe4c4cc3e202179473f1dc8de883346f216566b0d8f32f4144f4d1551af0ca52a46926493566751ea659b079d98d31dca4a318cf1ac96e3c17e7e0f05336defb0dc6b659572cf696e4a5c32e95d2e830693730c5591f1533f048fa50c77329805fe07d745f5d6acb8306915526b5b67fda3f6a97e4933affe38897a1517d0b84558fab2b0ef951223a7402a38c43f6cec35b80afb46f0cd156d21dae190d297dd6295910bf7ffae250d093bf7044d7f06512df41a035b8459c232203ba21d741be5fdcc99e4e6f16e10185de4b8a32d2986dfe9096da53d288ad9eb4fdb2a277bf90d27eadae18fb5179a16d3b7841087523a55c2a583dc9e01165d9c681f91092dbfd9413122abd57c5daa1c3fdc2491310487c26e5f46ee5fccaa00ed5ebbf6090b2fa4e3025fea46d878e2f242882e225342f43907a39414569374e50393a1924eb71ca6c133bc0fcd9bdbd936770c0e20f96e27558baf42736a677a13e6c645d4f88e4214edb37921bb416944e0809063db5fa2314b443c8ead5dc36fb469820fcff2f9c7529db68328efe1426eda06fbf7dc7e9d41a885543684f6f50063992e025eeda9e17296dc799a77764f444bb43bc01d24dd568778c04ba21adc1ab980d9491226f17285a0cbe19bb21701fcf58393f3ad64179269b01f1761064174a7dff4689b9dac321f378f57758f28176acd57d45a03b2722faaa0bcc4da1e2d42414bb9fb695b829529eecfe8cf39f88a00d5e2abdca4b3c176d87078e4eda8fd65f6cf8d8f93e12994ccf158feba99ad6e2343721c64ca6f99678ae1ecb5bf77460e6322a77ab68a8c6d437ac9caeff270cb106984c5d7b7c1ba192b338ce9356217872aa3d168e62126bc10f3911aaa32382d419bb97e62c6833fa48843a36fcdc0f07bd4f31bc9b4244906b1e2e1a264efa9ba7f6e35a076242169f7b64fe9a1257c9ef3cef70ff18c4d69f4063b973a8916c07b6e2d2dbd25668037451e57b6bcd366d5b5ad22e7eaa58720289ce98e66001da85d7bc72822b5411d21d92a86a2ba9498f290d85b7024f02976e7a9543a331bbc1ebc005135c871b7ad3efc504aed0f718081d7d5ae11b3a898e4ddc3445f67aed1c442ab27cc53de83e003a4aa8d3e9c5e9beb1151aafef64215e0b3f1db178710a96527e7cb6bef2d6c7566719693be055fe6837253eb6e6c32ec8086e8db5e2cfc21676c597b59436653ade02177f39a723d7e6de47dc555493acc8e14f9797ec5b213fda4f85868b947e262b76bb2c7ea42e5bb1cfc55dc135b5a9b39bd4d6e06658a60db4d632f2efa4d79ecc76f7ee43cc6839f715fe2ac1a252aa541b440ca843f063ec3d06ddb25b1c484a9276a31636b557a1c42ee0526f73b4c21aa9408b7ebe9d87a6495341c47cbda57659aee5fc1bbcffed9dddf4a258cbe40f5b66b9b1a076b16d26dd0ff6d684d37eb7e3653c2426fbb979c854607c7b2b07e9172be84f008418254e71c643a0c74141b3ed6a75c41993f06c3ae6c18d3b4216674d45780718b184c4c092be360163a6288b8c74f2e2a0157f66f43b08dfc0277558c0ced5b496eb1ab77a5060aaa916fd56ef1351a9d04bd0c6f18f3284f102095c450d61221a96072dd31cc2e2f0f43fe3c7ff1ed4d89526954812a63614763f83b2996a8bb805b8c95a28194bf1e5faf749ba77f1a40379bf218e05b480e0d01ab9e59f0ebb9555429fd48731a8e64a46b2a9e8db9478adbada3489c2b19645ab2635b2e1847e2917bccc3535e6af6df2764f3b792eac5d19370988c1b650dba87c1429dd797bb8e67757472cf69fc3acdae96573fe072c6b12b7d5caff34234d60f1dffed3dae06c5092c44a9f35c5228de4f99087c5ebcfbea3da8018d619e8cd4f8fd0fcacc49bb2fbecc9aaed1f767d99d01517a081fcfdf12698646d99051880e4af7793ca9452d7bde1046476682bfeef1057c25ab3ef57b32e13a16164135bfe30cabde5dbe616a3b5c5db6342b5bcacb3a14a38e70c3898849108572472ef075185a97dd2526cb0532d35cd3dd1ddd4615b368fa6e3c76f2107a187567cd2fb3358fcd0c57fc4231b832dcdbb46c99c49e071865b2d4edcddf220e479383ca36d7427da6b0c72adba53600a860523d2c23a17e53315e22b13504823612d3e10e705f3d7c4a7079656e4e272aa828ec7197cf2a9b71f98b2394413dcbaec73656049e1f032a7782926f2703eab1c9f8276e338251bc1bffe7805d61e296df80945cc15351c1b27a68d5de76fd4a9d2cdd4cea981b508b783878ce8721f641e4830ad760a9d9b68512c80d847ad64b42ff25f95b15c7729f531693ad9122fb81babf7580b437deabe895bea5cfedff69f375633d9b968792f87b9680b60e24c7c446aa90aab08e87b7e7a448ce21b84b84ea2a60d72513de6425b735760f16d829b3adf9b86c2601766e02fd5d92507205d4612282705a3f6ddacad6afabd6e2e320b1f7c2558512c07b00ed71123cf7cb111a0cea25c1f093704f596e2e616e654b6fb579b0fe439d0a13204c878a26e6b2de198a31d27354f0b08a9eda4f8d025ccc95fd0c105a024955ceb8664d8a2004e9127ec1ac9664b566add880a0d29cf475140fc466cf451eca509c59bb67fbf3437c97407a13c26d341b9cab5451f543f481f6cb8103eaed9817b5da740d3034804453b3b6ce37e10fb2871178a28b75a073f1450635453a375a3633061300f0603551d130101ff040530030101ff301f0603551d23041830168014650342b3f2dac55c54ef78087cd3c0a05a1c1458301d0603551d0e04160414650342b3f2dac55c54ef78087cd3c0a05a1c1458300e0603551d0f0101ff040403020186";
String pk = "003db5adc569f3571fef6c5a9b38b52d862721ac54130f2efe4c4cc3e202179473f1dc8de883346f216566b0d8f32f4144f4d1551af0ca52a46926493566751ea659b079d98d31dca4a318cf1ac96e3c17e7e0f05336defb0dc6b659572cf696e4a5c32e95d2e830693730c5591f1533f048fa50c77329805fe07d745f5d6acb8306915526b5b67fda3f6a97e4933affe38897a1517d0b84558fab2b0ef951223a7402a38c43f6cec35b80afb46f0cd156d21dae190d297dd6295910bf7ffae250d093bf7044d7f06512df41a035b8459c232203ba21d741be5fdcc99e4e6f16e10185de4b8a32d2986dfe9096da53d288ad9eb4fdb2a277bf90d27eadae18fb5179a16d3b7841087523a55c2a583dc9e01165d9c681f91092dbfd9413122abd57c5daa1c3fdc2491310487c26e5f46ee5fccaa00ed5ebbf6090b2fa4e3025fea46d878e2f242882e225342f43907a39414569374e50393a1924eb71ca6c133bc0fcd9bdbd936770c0e20f96e27558baf42736a677a13e6c645d4f88e4214edb37921bb416944e0809063db5fa2314b443c8ead5dc36fb469820fcff2f9c7529db68328efe1426eda06fbf7dc7e9d41a885543684f6f50063992e025eeda9e17296dc799a77764f444bb43bc01d24dd568778c04ba21adc1ab980d9491226f17285a0cbe19bb21701fcf58393f3ad64179269b01f1761064174a7dff4689b9dac321f378f57758f28176acd57d45a03b2722faaa0bcc4da1e2d42414bb9fb695b829529eecfe8cf39f88a00d5e2abdca4b3c176d87078e4eda8fd65f6cf8d8f93e12994ccf158feba99ad6e2343721c64ca6f99678ae1ecb5bf77460e6322a77ab68a8c6d437ac9caeff270cb106984c5d7b7c1ba192b338ce9356217872aa3d168e62126bc10f3911aaa32382d419bb97e62c6833fa48843a36fcdc0f07bd4f31bc9b4244906b1e2e1a264efa9ba7f6e35a076242169f7b64fe9a1257c9ef3cef70ff18c4d69f4063b973a8916c07b6e2d2dbd25668037451e57b6bcd366d5b5ad22e7eaa58720289ce98e66001da85d7bc72822b5411d21d92a86a2ba9498f290d85b7024f02976e7a9543a331bbc1ebc005135c871b7ad3efc504aed0f718081d7d5ae11b3a898e4ddc3445f67aed1c442ab27cc53de83e003a4aa8d3e9c5e9beb1151aafef64215e0b3f1db178710a96527e7cb6bef2d6c7566719693be055fe6837253eb6e6c32ec8086e8db5e2cfc21676c597b59436653ade02177f39a723d7e6de47dc555493acc8e14f9797ec5b213fda4f85868b947e262b76bb2c7ea42e5bb1cfc55dc135b5a9b39bd4d6e06658a60db4d632f2efa4d79ecc76f7ee43cc6839f715fe2ac1a252aa541b440ca843f063ec3d06ddb25b1c484a9276a31636b557a1c42ee0526f73b4c21aa9408b7ebe9d87a6495341c47cbda57659aee5fc1bbcffed9dddf4a258cbe40f5b66b9b1a076b16d26dd0ff6d684d37eb7e3653c2426fbb979c854607c7b2b07e9172be84f008418254e71c643a0c74141b3ed6a75c41993f06c3ae6c18d3b4216674d45780718b184c4c092be360163a6288b8c74f2e2a0157f66f43b08dfc0277558c0ced5b496eb1ab77a5060aaa916fd56ef1351a9d04bd0c6f18f3284f102095c450d61221a96072dd31cc2e2f0f43fe3c7ff1ed4d89526954812a63614763f83b2996a8bb805b8c95a28194bf1e5faf749ba77f1a40379bf218e05b480e0d01ab9e59f0ebb9555429fd48731a8e64a46b2a9e8db9478adbada3489c2b19645ab2635b2e1847e2917bccc3535e6af6df2764f3b792eac5d19370988c1b650dba87c1429dd797bb8e67757472cf69fc3acdae96573fe072c6b12b7d5caff34234d60f1dffed3dae06c5092c44a9f35c5228de4f99087c5ebcfbea3da8018d619e8cd4f8fd0fcacc49bb2fbecc9aaed1f767d99d01517a081fcfdf12698646d99051880e4af7793ca9452d7bde1046476682bfeef1057c25ab3ef57b32e13a16164135bfe30cabde5dbe616a3b5c5db6342b5bcacb3a14a38e70c3898849108572472ef075185a97dd2526cb0532d35cd3dd1ddd4615b368fa6e3c76f2107a187567cd2fb3358fcd0c57fc4231b832dcdbb46c99c49e071865b2d4edcddf220e479383ca36d7427da6b0c72adba53600a860523d2c23a17e53315e22b13504823612d3e10e705f3d7c4a7079656e4e272aa828ec7197cf2a9b71f98b2394413dcbaec73656049e1f032a7782926f2703eab1c9f8276e338251bc1bffe7805d61e296df80945cc15351c1b27a68d5de76fd4a9d2cdd4cea981b508b783878ce8721f641e4830ad760a9d9b68512c80d847ad64b42ff25f95b15c7729f531693ad9122fb81babf7580b437deabe895bea5cfedff69f375633d9b968792f87b9680b60e24c7c446aa90aab08e87b7e7a448ce21b84b84ea2a60d72513de6425b735760f16d829b3adf9b86c2601766e02fd5d92507205d4612282705a3f6ddacad6afabd6e2e320b1f7c2558512c07b00ed71123cf7cb111a0cea25c1f093704f596e2e616e654b6fb579b0fe439d0a13204c878a26e6b2de198a31d27354f0b08a9eda4f8d025ccc95fd0c105a024955ceb8664d8a2004e9127ec1ac9664b566add880a0d29cf475140fc466cf451eca509c59bb67fbf3437c97407a13c26d341b9cab5451f543f481f6cb8103eaed9817b5da740d3034804453b3b6ce37e10fb2871178a28b75a073f1450635453a375";
String sigGenerated = "5002278ca89b884af27497219a64f030473eb4cf77a626735f06db65503834856a2117a9e2a29372a92159cd9145f7a5caa5d67468c071778945d3742d420d797665433d08763d377c90a25e250d1cfeadcb126054420d06400abfe77743efbbf50708bb0b801b495601dcaa3eed27366d3ace53f34c93772578f877098c25674edbc7aae487cedb0787f4dcbf60bf465667543d80440e2acfc21475825308805c9b5f9b29ffac8522e7f220048924035797e65eacfcc09658885345d85a9d259ab0abba4898d726b08de474cedf608f765428a1de5c0fe7b7655041868ddc6c6ea52c0101c500ce9d3f4db1e6f7a4ef389036366adfee8e4fffac5104e9dfd5ef12744d5ae866b0ee79640e3db26b1e620b681069ffb6fff1c160f610a713c890d45cf382fcdb2d5f822ecb180d6ca7f86d2a33d0217dd798bd695acccdd32d4f37eb2876af4fcf0bcf5f8b90eec5ea3db19b6d50d169e7d5de843c0bbfac76e42db3224aeb6804695d4a33d73aebe39b34171accfc75cca40589b0a7d709853e7e79b185ef777270399b3577cd5a809f80d7eceab90be1903ae8665ed8a2f0f818da91d4454be92199f403014cf8b83a932d77a91af86ee640ed8356d4f36af74619c71674148f1843bc2b28676a0fea85dbaa6c6a7d8a4923868e27ade9bb23a159fb8fb3abf24cc3529580e3f682abf57198d0662ec8a51de4916d63d756e49b875815ef23c1656c1bbdca148c896a81ab94127ab154285ca3e619d20a8aae52f84c1d0fcab434f6d652700d541592e4a3243f98e8094e4bc6e132f54a9d9866c63346af0e3128fa785db7bdbae12b7243de060b017ac2eeae34ef09f54d01a985cdadc8612635b96ef4dabc86a08fa652417ccaa201702bf411e88ee5ef21003dfa2f1ee6de085693a1554060da937906604b80fd3ef22f3a75356fdfb7aec9af1f443f5cd39249bb83787ee07d86ff80b749936241128e91697ef435d3b4177602f8f5dfd74d57a0b7c696cb0677cd613cd9bc371ec102e78c2ec54fd90f4ca0f3e1fe651a6cb8be263b2886b687255bbd35716ea1ddda73867e9ac21ae215ec2dde683ab24975f66968e8a1d3c56f988bf2f51c618850d04b4e98d39854c4e088434b28263fbd61079d36f85678c070bf11a2c609a045454f8b7028915440034fd178eaa79fdc7d40e1c1eb582de67d6e65cc6fd90684047da4805b8810b1eb1fc6abc988238c643204c925fc317713a84be6917bc135a7d337fd905f12a15ced1b893550213441916f5fdfde9a856f0920b7668ed3cdbf40ea4c4b5091caf1525cefa8727ef57bc6cc009aa1f6705e9e9c4f0137e571d1651b1f7405862b54bd617aa427ff55b454f5134c819faf5704784f0c09e759bca23767ab2ea4621a475d32a34683081a8aef4e2a708cd13a3f8d406f016a89d638c5d33e5e2ab6356cf6c31bce73c5319380e9003bc978c6953de279fa86ad3149d079562ec0defda5ee300c934188d28cd1edd98dc69d8723da6e2ad9299854da098b2b270c21b52546c07acc00cdd6c701a69a77cb680efbbc7c8cab763639774dcc9d0fe5a4fdeb5d632749f4b353417a211c97a9d47bd4c8e1003d726ee7e439b88f285fab0298b28feab115a7f46147bf783ece28355a28f8972e86fed8cad6246b48deb82d8512c3463fe4c284e55a5d8cedb94e20996642214d3d5978284accb19686a73b4e53b5801f18b550d8c7cdb775511dad5c5d2867714ddb41a3a06f6e6237b89811c7188843778a094cd75565904fbbf3952e7de8064d899fd628935032a07d525c868173f16b00323687854ea041dc29f798953fc87f8e949de639ca09bc907ba3ee5bbb3c3e6334ae12993972dd4f9f46d8497facdd6e043dafd81c0b37b04e124d0e04ac12d2d551cc39a5a8e6b4bed155082f2fab805219d2d9f5fe4e65758a198786121018a930fa47eaaeb0486c4871d13b5202c9b40a9b748e17e7ac2e152d94ba63faa068e340e91eda4ab7eb9d39b9cc141b7464cc986173e1f60959f58f83f0578eb55cf3ab0114faec9150c3a08491650ef181fcc1722befa619b1a993e5680a77bad672a609335f4b423b290e7cf14828dd02a66ba80fe91f7cc974e64208ce82b45b6710ce04f129f0d76cff77f6e187f48960ca47bc43232a845b1a242942a695a61b69f27a4dbc6f3c5edadd5595fc5ad21bf70b6b079e42bc48d795aa83743c9dc66d18cf98e6008f5cbc078b40d01a6484eeb57c121f782972db1961135739b724b031c92b28ba1b903f70d7f47df234e1d8c8451fcde9bdcda1307b33741fa708f0607d41ae15b1faba1ee2188526f4dabab6ae600cb71a1f3f610f6bb908e9413ed970d9a21c47534b2da553fbb5c85fdcafcda2fc4f9432d5f96b2986d54fcf695a394c81498605e55763bc1a9c219896596be73431ce3922a85989d9f7c359dc06fe907f69d6cf64186d77f6d153d700304b430c10e6820de310fca445178991554014233659bf98bb6b9b4769fea5205ce3988b1d780cea58b48f441b797a992e6e3fee3e2bf9adf3388e8035a67e27926e9bbdd84338d25a33d3d34812fe8d4e1e249bb2a478405ccb3e6699cebb8cedab3464aace6d28b75fed95b199672a3bf704de91b6a57359d0a53f788dbb5ad4654e12f6026b24c421ed629da400498eee6633256084170c24a2f61543726a2b349a8098f313c739d76e53ee1c0b4d7898f724a252022aaefe51e465729a57abd9c692bf3edfc17597446675478f8931df62a98dc7da2e0904a3640bcb9d0f61123e2797490b8c5276d2b9b385f620194fd7d35843e66fd67db49d8a789cb95f35b007f8d41acf7c824bfd9a1d600fece45b793aa15d2e7fe75b7fcbbd81e36b53dde1c70ef9ee112b8c6be43879ba66a6a6c626d42a8356c73e7e020822515131fca89fc24b7cc79ebbd8c89b6cce63af1bcf245ea7d4af39dcf634afd3da1d815bb53ab224d100078141663d03029b9e70b73369699b1cfd9772b9d73df6937ef1f2b2fb9ac9c51e5dfecd949c465a8579bdf03f1d8c1c662c9ac247d106e9cfb491e3f69082a05c3fdef79655c8cd8c8a49ddf01650071c8b9b9e5b1a847fbbc1d82ea63601d0377a12df08ee6b79ec74a222ffa0acaec8a22aa7737d328f1452a1a1268ee5981ff15070b49567b78311b85678499a7a3649e27d1bc36d551d9fb7f36f0e8c47af2dc2f5e4ed772de4249974605c60c42c1e7e2e20ede3cb041f370b2d4c68b62d42cf5516b79e0269f7f03479f13621798da5a480fe7e92d6ae8178d63add657906649f7aa2f93362dff5ec5433ae240b9fc3cf0b59ab2e989ecdc6a18a9f416cf64be8e6064105cdc683c8d4cd2feaa71c9b7dd8ca8c9aab0076ad6ccbe065df162df50cf323653355de548e573a4cbd3ad36642462d87808a05df6a9d230b96b0a9c64de25ef3fb593314f9187eea04c5ebda07c7c2e03ee77fbd50ecc5e4ce67225f84aadfde5fdb5613b88b07b27040b7671395d1bf781013b0c00101451b18af2dabe4ddf28b39522862ba55dcea8607fc1e6548eac4bab115886af10fbfaddf1e66cafceb0cd6e1ddf92c301d8f82ea92e0eb9a31769517573623950518aa2e80ae08dffb8377e3dc00f541ee8f0781cc9ec6b8021093dd08dfbf93e31f87240518bae02bd8bdd470202be691d4a87bb8c125981212651a1c780d640930921606b77bed1dc4b494edf81e5197af1657404812053e7bfa4839e2fe814937252c1d6a5a05c982a19d6e2eba1be7b7ea3a45d7d267c90f278e3406172864fc46fc8ababe4222ff8941900623fb8b619d977a970811741b2c6d028c72e4d988c90510f41108a275752fb13df957056b15885f2bee0340c94419cb33bd085edc323833f3fe1adbc261bedffc6dee19ff37255501f63f52bc055147c238dc0bc31bd1966635b69726972fda98c24715fcb00a706f6a3e28c2fe0bacd48b11521c0681f690ee84b66db9db581c03acdea4d872da27b12e48a087214a1a958f292254f362ceb33218bc2df2525faa027830343716b8c1633cb0be753758be5071ec0bfe97264bfa67e273735f9d95f4744558b470774946a676b1e304ba9f6195d8407a73fc1a90cce88cde663622cffa2d5fbacbcb33ab0b9f48032fc741f2edb8c57d53e063c216fce9fae74018539015f8f046b5d5d8690a2fe88fc051cfaae176c43c94c35fee420082751060e058b53f7d48de8ae032b3b25410830da55eace4da400ecbd37ef5794168c27a784db80e566d689d94922c0c610eaabb8d62b9edd57a67f62f0496c4537640416b8a8994472a03ea4123b21a4adabc81e152fffbac17f92ca88ea03349d12abc398effd8c381d81b13ffac3085d8825494e93d5642e9b7dc33117c416883b3d9c6da3ead441f54df8bd27ba780d265c827d65edbb816e6f984e1e2ccf0dce0f346f46de44720cd92076f32c0dc3cbbafe94ab07ed1ace21835b56e0d6360379fd130f72927788178ddb585e730eb30b537dcaa0e5909fd6f3654cf9b19d19e3be399cd7a409f9644250ea46145738e99a2a9cde5eef636587391b8ea182dbae914237382a83e465b8cb4c7cbdbfe010b12488adfe4ee000000000000000000000000000a101419222a";

Those vectors were extracted from an EJBCA Dilithium3 CA Certificate

The Dilithium3 RootCA Certificate (from EJBCA).

-----BEGIN CERTIFICATE-----
MIIVjDCCCJegAwIBAgIUfoO40OdrvQeOxUnQHxc5iC9o7HgwDQYLKwYBBAECggsH
BgUwFjEUMBIGA1UEAwwLRGlsaXRoaXVtQ0EwHhcNMjQwNzAzMTgxNzMzWhcNMjYw
NzAzMTgxNzMyWjAWMRQwEgYDVQQDDAtEaWxpdGhpdW1DQTCCB7QwDQYLKwYBBAEC
ggsHBgUDggehAAA9ta3FafNXH+9sWps4tS2GJyGsVBMPLv5MTMPiAheUc/HcjeiD
NG8hZWaw2PMvQUT00VUa8MpSpGkmSTVmdR6mWbB52Y0x3KSjGM8ayW48F+fg8FM2
3vsNxrZZVyz2luSlwy6V0ugwaTcwxVkfFTPwSPpQx3MpgF/gfXRfXWrLgwaRVSa1
tn/aP2qX5JM6/+OIl6FRfQuEVY+rKw75USI6dAKjjEP2zsNbgK+0bwzRVtIdrhkN
KX3WKVkQv3/64lDQk79wRNfwZRLfQaA1uEWcIyIDuiHXQb5f3MmeTm8W4QGF3kuK
MtKYbf6QltpT0oitnrT9sqJ3v5DSfq2uGPtReaFtO3hBCHUjpVwqWD3J4BFl2caB
+RCS2/2UExIqvVfF2qHD/cJJExBIfCbl9G7l/MqgDtXrv2CQsvpOMCX+pG2Hji8k
KILiJTQvQ5B6OUFFaTdOUDk6GSTrccpsEzvA/Nm9vZNncMDiD5bidVi69Cc2pneh
PmxkXU+I5CFO2zeSG7QWlE4ICQY9tfojFLRDyOrV3Db7Rpgg/P8vnHUp22gyjv4U
Ju2gb799x+nUGohVQ2hPb1AGOZLgJe7anhcpbceZp3dk9ES7Q7wB0k3VaHeMBLoh
rcGrmA2UkSJvFyhaDL4ZuyFwH89YOT861kF5JpsB8XYQZBdKff9GibnawyHzePV3
WPKBdqzVfUWgOyci+qoLzE2h4tQkFLuftpW4KVKe7P6M85+IoA1eKr3KSzwXbYcH
jk7aj9ZfbPjY+T4SmUzPFY/rqZrW4jQ3IcZMpvmWeK4ey1v3dGDmMip3q2ioxtQ3
rJyu/ycMsQaYTF17fBuhkrM4zpNWIXhyqj0WjmISa8EPORGqoyOC1Bm7l+YsaDP6
SIQ6NvzcDwe9TzG8m0JEkGseLhomTvqbp/bjWgdiQhafe2T+mhJXye8873D/GMTW
n0BjuXOokWwHtuLS29JWaAN0UeV7a802bVta0i5+qlhyAonOmOZgAdqF17xygitU
EdIdkqhqK6lJjykNhbcCTwKXbnqVQ6Mxu8HrwAUTXIcbetPvxQSu0PcYCB19WuEb
OomOTdw0RfZ67RxEKrJ8xT3oPgA6SqjT6cXpvrEVGq/vZCFeCz8dsXhxCpZSfny2
vvLWx1ZnGWk74FX+aDclPrbmwy7ICG6NteLPwhZ2xZe1lDZlOt4CF385pyPX5t5H
3FVUk6zI4U+Xl+xbIT/aT4WGi5R+Jit2uyx+pC5bsc/FXcE1tamzm9TW4GZYpg20
1jLy76TXnsx29+5DzGg59xX+KsGiUqpUG0QMqEPwY+w9Bt2yWxxISpJ2oxY2tVeh
xC7gUm9ztMIaqUCLfr6dh6ZJU0HEfL2ldlmu5fwbvP/tnd30oljL5A9bZrmxoHax
bSbdD/bWhNN+t+NlPCQm+7l5yFRgfHsrB+kXK+hPAIQYJU5xxkOgx0FBs+1qdcQZ
k/BsOubBjTtCFmdNRXgHGLGExMCSvjYBY6Yoi4x08uKgFX9m9DsI38AndVjAztW0
lusat3pQYKqpFv1W7xNRqdBL0MbxjzKE8QIJXEUNYSIalgct0xzC4vD0P+PH/x7U
2JUmlUgSpjYUdj+Dsplqi7gFuMlaKBlL8eX690m6d/GkA3m/IY4FtIDg0Bq55Z8O
u5VVQp/UhzGo5kpGsqno25R4rbraNInCsZZFqyY1suGEfikXvMw1NeavbfJ2Tzt5
LqxdGTcJiMG2UNuofBQp3Xl7uOZ3V0cs9p/DrNrpZXP+ByxrErfVyv80I01g8d/+
09rgbFCSxEqfNcUijeT5kIfF68++o9qAGNYZ6M1Pj9D8rMSbsvvsyartH3Z9mdAV
F6CB/P3xJphkbZkFGIDkr3eTypRS173hBGR2aCv+7xBXwlqz71ezLhOhYWQTW/4w
yr3l2+YWo7XF22NCtbyss6FKOOcMOJiEkQhXJHLvB1GFqX3SUmywUy01zT3R3dRh
WzaPpuPHbyEHoYdWfNL7M1j80MV/xCMbgy3Nu0bJnEngcYZbLU7c3fIg5Hk4PKNt
dCfaawxyrbpTYAqGBSPSwjoX5TMV4isTUEgjYS0+EOcF89fEpweWVuTicqqCjscZ
fPKptx+YsjlEE9y67HNlYEnh8DKneCkm8nA+qxyfgnbjOCUbwb/+eAXWHilt+AlF
zBU1HBsnpo1d52/UqdLN1M6pgbUIt4OHjOhyH2QeSDCtdgqdm2hRLIDYR61ktC/y
X5WxXHcp9TFpOtkSL7gbq/dYC0N96r6JW+pc/t/2nzdWM9m5aHkvh7loC2DiTHxE
aqkKqwjoe356RIziG4S4TqKmDXJRPeZCW3NXYPFtgps635uGwmAXZuAv1dklByBd
RhIoJwWj9t2srWr6vW4uMgsffCVYUSwHsA7XESPPfLERoM6iXB8JNwT1luLmFuZU
tvtXmw/kOdChMgTIeKJuay3hmKMdJzVPCwip7aT40CXMyV/QwQWgJJVc64Zk2KIA
TpEn7BrJZktWat2ICg0pz0dRQPxGbPRR7KUJxZu2f780N8l0B6E8JtNBucq1RR9U
P0gfbLgQPq7ZgXtdp0DTA0gERTs7bON+EPsocReKKLdaBz8UUGNUU6N1o2MwYTAP
BgNVHRMBAf8EBTADAQH/MB8GA1UdIwQYMBaAFGUDQrPy2sVcVO94CHzTwKBaHBRY
MB0GA1UdDgQWBBRlA0Kz8trFXFTveAh808CgWhwUWDAOBgNVHQ8BAf8EBAMCAYYw
DQYLKwYBBAECggsHBgUDggzeAFACJ4yom4hK8nSXIZpk8DBHPrTPd6Ymc18G22VQ
ODSFaiEXqeKik3KpIVnNkUX3pcql1nRowHF3iUXTdC1CDXl2ZUM9CHY9N3yQol4l
DRz+rcsSYFRCDQZACr/nd0Pvu/UHCLsLgBtJVgHcqj7tJzZtOs5T80yTdyV4+HcJ
jCVnTtvHquSHztsHh/Tcv2C/RlZnVD2ARA4qz8IUdYJTCIBcm1+bKf+shSLn8iAE
iSQDV5fmXqz8wJZYiFNF2FqdJZqwq7pImNcmsI3kdM7fYI92VCih3lwP57dlUEGG
jdxsbqUsAQHFAM6dP02x5vek7ziQNjZq3+6OT/+sUQTp39XvEnRNWuhmsO55ZA49
smseYgtoEGn/tv/xwWD2EKcTyJDUXPOC/NstX4IuyxgNbKf4bSoz0CF915i9aVrM
zdMtTzfrKHavT88Lz1+LkO7F6j2xm21Q0Wnn1d6EPAu/rHbkLbMiSutoBGldSjPX
OuvjmzQXGsz8dcykBYmwp9cJhT5+ebGF73dycDmbNXfNWoCfgNfs6rkL4ZA66GZe
2KLw+BjakdRFS+khmfQDAUz4uDqTLXepGvhu5kDtg1bU82r3RhnHFnQUjxhDvCso
Z2oP6oXbqmxqfYpJI4aOJ63puyOhWfuPs6vyTMNSlYDj9oKr9XGY0GYuyKUd5JFt
Y9dW5JuHWBXvI8FlbBu9yhSMiWqBq5QSerFUKFyj5hnSCoquUvhMHQ/KtDT21lJw
DVQVkuSjJD+Y6AlOS8bhMvVKnZhmxjNGrw4xKPp4Xbe9uuErckPeBgsBesLurjTv
CfVNAamFza3IYSY1uW702ryGoI+mUkF8yqIBcCv0EeiO5e8hAD36Lx7m3ghWk6FV
QGDak3kGYEuA/T7yLzp1NW/ft67Jrx9EP1zTkkm7g3h+4H2G/4C3SZNiQRKOkWl+
9DXTtBd2Avj139dNV6C3xpbLBnfNYTzZvDcewQLnjC7FT9kPTKDz4f5lGmy4viY7
KIa2hyVbvTVxbqHd2nOGfprCGuIV7C3eaDqySXX2aWjoodPFb5iL8vUcYYhQ0EtO
mNOYVMTgiENLKCY/vWEHnTb4VnjAcL8RosYJoEVFT4twKJFUQANP0Xjqp5/cfUDh
wetYLeZ9bmXMb9kGhAR9pIBbiBCx6x/Gq8mII4xkMgTJJfwxdxOoS+aRe8E1p9M3
/ZBfEqFc7RuJNVAhNEGRb1/f3pqFbwkgt2aO082/QOpMS1CRyvFSXO+ocn71e8bM
AJqh9nBenpxPATflcdFlGx90BYYrVL1heqQn/1W0VPUTTIGfr1cEeE8MCedZvKI3
Z6supGIaR10yo0aDCBqK704qcIzROj+NQG8BaonWOMXTPl4qtjVs9sMbznPFMZOA
6QA7yXjGlT3iefqGrTFJ0HlWLsDe/aXuMAyTQYjSjNHt2Y3GnYcj2m4q2SmYVNoJ
iysnDCG1JUbAeswAzdbHAaaad8toDvu8fIyrdjY5d03MnQ/lpP3rXWMnSfSzU0F6
IRyXqdR71MjhAD1ybufkObiPKF+rApiyj+qxFaf0YUe/eD7OKDVaKPiXLob+2MrW
JGtI3rgthRLDRj/kwoTlWl2M7blOIJlmQiFNPVl4KErMsZaGpztOU7WAHxi1UNjH
zbd1UR2tXF0oZ3FN20GjoG9uYje4mBHHGIhDd4oJTNdVZZBPu/OVLn3oBk2Jn9Yo
k1AyoH1SXIaBc/FrADI2h4VOoEHcKfeYlT/If46UneY5ygm8kHuj7lu7PD5jNK4S
mTly3U+fRthJf6zdbgQ9r9gcCzewThJNDgSsEtLVUcw5pajmtL7RVQgvL6uAUhnS
2fX+TmV1ihmHhhIQGKkw+kfqrrBIbEhx0TtSAsm0Cpt0jhfnrC4VLZS6Y/qgaONA
6R7aSrfrnTm5zBQbdGTMmGFz4fYJWfWPg/BXjrVc86sBFPrskVDDoISRZQ7xgfzB
civvphmxqZPlaAp3utZypgkzX0tCOykOfPFIKN0CpmuoD+kffMl05kIIzoK0W2cQ
zgTxKfDXbP939uGH9Ilgyke8QyMqhFsaJClCppWmG2nyek28bzxe2t1Vlfxa0hv3
C2sHnkK8SNeVqoN0PJ3GbRjPmOYAj1y8B4tA0BpkhO61fBIfeCly2xlhE1c5tySw
MckrKLobkD9w1/R98jTh2MhFH83pvc2hMHszdB+nCPBgfUGuFbH6uh7iGIUm9Nq6
tq5gDLcaHz9hD2u5COlBPtlw2aIcR1NLLaVT+7XIX9yvzaL8T5Qy1flrKYbVT89p
WjlMgUmGBeVXY7wanCGYlllr5zQxzjkiqFmJ2ffDWdwG/pB/adbPZBhtd/bRU9cA
MEtDDBDmgg3jEPykRReJkVVAFCM2Wb+Yu2ubR2n+pSBc45iLHXgM6li0j0QbeXqZ
Lm4/7j4r+a3zOI6ANaZ+J5Jum73YQzjSWjPT00gS/o1OHiSbsqR4QFzLPmaZzruM
7as0ZKrObSi3X+2VsZlnKjv3BN6RtqVzWdClP3iNu1rUZU4S9gJrJMQh7WKdpABJ
ju5mMyVghBcMJKL2FUNyais0moCY8xPHOdduU+4cC014mPckolICKq7+UeRlcppX
q9nGkr8+38F1l0RmdUePiTHfYqmNx9ouCQSjZAvLnQ9hEj4nl0kLjFJ20rmzhfYg
GU/X01hD5m/WfbSdinicuV81sAf41BrPfIJL/ZodYA/s5Ft5OqFdLn/nW3/LvYHj
a1Pd4ccO+e4RK4xr5Dh5umampsYm1CqDVsc+fgIIIlFRMfyon8JLfMeeu9jIm2zO
Y68bzyRep9SvOdz2NK/T2h2BW7U6siTRAAeBQWY9AwKbnnC3M2lpmxz9l3K51z32
k37x8rL7msnFHl3+zZScRlqFeb3wPx2MHGYsmsJH0Qbpz7SR4/aQgqBcP973llXI
zYyKSd3wFlAHHIubnlsahH+7wdgupjYB0Dd6Et8I7mt57HSiIv+grK7Ioiqnc30y
jxRSoaEmjuWYH/FQcLSVZ7eDEbhWeEmaejZJ4n0bw21VHZ+3828OjEevLcL15O13
LeQkmXRgXGDELB5+LiDt48sEHzcLLUxoti1Cz1UWt54CaffwNHnxNiF5jaWkgP5+
ktaugXjWOt1leQZkn3qi+TNi3/XsVDOuJAufw88LWasumJ7NxqGKn0Fs9kvo5gZB
Bc3Gg8jUzS/qpxybfdjKjJqrAHatbMvgZd8WLfUM8yNlM1XeVI5XOky9OtNmQkYt
h4CKBd9qnSMLlrCpxk3iXvP7WTMU+Rh+6gTF69oHx8LgPud/vVDsxeTOZyJfhKrf
3l/bVhO4iweycEC3ZxOV0b94EBOwwAEBRRsYry2r5N3yizlSKGK6Vdzqhgf8HmVI
6sS6sRWIavEPv63fHmbK/OsM1uHd+SwwHY+C6pLg65oxdpUXVzYjlQUYqi6Argjf
+4N349wA9UHujweBzJ7GuAIQk90I37+T4x+HJAUYuuAr2L3UcCAr5pHUqHu4wSWY
EhJlGhx4DWQJMJIWBrd77R3EtJTt+B5Rl68WV0BIEgU+e/pIOeL+gUk3JSwdaloF
yYKhnW4uuhvnt+o6RdfSZ8kPJ440BhcoZPxG/Iq6vkIi/4lBkAYj+4thnZd6lwgR
dBssbQKMcuTZiMkFEPQRCKJ1dS+xPflXBWsViF8r7gNAyUQZyzO9CF7cMjgz8/4a
28Jhvt/8be4Z/zclVQH2P1K8BVFHwjjcC8Mb0ZZmNbaXJpcv2pjCRxX8sApwb2o+
KML+C6zUixFSHAaB9pDuhLZtudtYHAOs3qTYctonsS5IoIchShqVjykiVPNizrMy
GLwt8lJfqgJ4MDQ3FrjBYzywvnU3WL5QcewL/pcmS/pn4nNzX52V9HRFWLRwd0lG
pnax4wS6n2GV2EB6c/wakMzojN5mNiLP+i1fusvLM6sLn0gDL8dB8u24xX1T4GPC
Fvzp+udAGFOQFfjwRrXV2GkKL+iPwFHPquF2xDyUw1/uQgCCdRBg4Fi1P31I3org
MrOyVBCDDaVerOTaQA7L0371eUFownp4TbgOVm1onZSSLAxhDqq7jWK57dV6Z/Yv
BJbEU3ZAQWuKiZRHKgPqQSOyGkravIHhUv/7rBf5LKiOoDNJ0Sq8OY7/2MOB2BsT
/6wwhdiCVJTpPVZC6bfcMxF8QWiDs9nG2j6tRB9U34vSe6eA0mXIJ9Ze27gW5vmE
4eLM8Nzg80b0beRHIM2SB28ywNw8u6/pSrB+0aziGDW1bg1jYDef0TD3KSd4gXjd
tYXnMOswtTfcqg5ZCf1vNlTPmxnRnjvjmc16QJ+WRCUOpGFFc46ZoqnN5e72Nlhz
kbjqGC266RQjc4KoPkZbjLTHy9v+AQsSSIrf5O4AAAAAAAAAAAAAAAAAChAUGSIq
-----END CERTIFICATE-----
roy-basmacier commented 2 months ago

Hello @alvesfonseca,

What about EJBCA (bcprov-jdk18on-175) signatures not verified by BC bcprov-jdk18on-1.78.1.jar?

The reason why bcprov-jdk18on-175 signatures are not verified on bcprov-jdk18on-1.78.1.jar is due to different versions of Dilithium. The changes could be seen on 9ddb8d3d581222aa5e252d4e33360b2d4257f2a4. The changes only affect Dilithium3 and Dilithium5.