author | David Hook <dgh@cryptoworkshop.com> | 2022-07-08 15:10:10 +1000 |
---|---|---|
committer | David Hook <dgh@cryptoworkshop.com> | 2022-07-08 15:10:10 +1000 |
commit | 160173b7577103e410b7a16fc55fa9693dce9ce4 (patch) | |
tree | b8ca118657e4f16a33e25289d3a4c9b7a007261b | |
parent | Fix a few warnings (diff) | |
download | BouncyCastle.NET-ed25519-160173b7577103e410b7a16fc55fa9693dce9ce4.tar.xz |
modified parameters to ensure thread safety
5 files changed, 116 insertions, 43 deletions
diff --git a/crypto/src/pqc/crypto/sphincsplus/SPHINCSPlusKeyPairGenerator.cs b/crypto/src/pqc/crypto/sphincsplus/SPHINCSPlusKeyPairGenerator.cs index 2391b3414..9e5724027 100644 --- a/crypto/src/pqc/crypto/sphincsplus/SPHINCSPlusKeyPairGenerator.cs +++ b/crypto/src/pqc/crypto/sphincsplus/SPHINCSPlusKeyPairGenerator.cs @@ -18,7 +18,7 @@ namespace Org.BouncyCastle.Pqc.Crypto.SphincsPlus public AsymmetricCipherKeyPair GenerateKeyPair() { - SPHINCSPlusEngine engine = parameters.Engine; + SPHINCSPlusEngine engine = parameters.GetEngine(); SK sk = new SK(SecRand(engine.N), SecRand(engine.N)); byte[] pkSeed = SecRand(engine.N); diff --git a/crypto/src/pqc/crypto/sphincsplus/SPHINCSPlusParameters.cs b/crypto/src/pqc/crypto/sphincsplus/SPHINCSPlusParameters.cs index b99df864f..3faaca896 100644 --- a/crypto/src/pqc/crypto/sphincsplus/SPHINCSPlusParameters.cs +++ b/crypto/src/pqc/crypto/sphincsplus/SPHINCSPlusParameters.cs 
@@ -4,81 +4,91 @@ using Org.BouncyCastle.Crypto.Utilities; namespace Org.BouncyCastle.Pqc.Crypto.SphincsPlus { + interface ISPHINCSPlusEngineProvider + { + int N + { + get; + } + + SPHINCSPlusEngine Get(); + } + public class SPHINCSPlusParameters { public static SPHINCSPlusParameters sha2_128f = new SPHINCSPlusParameters("sha2-128f-robust", - new SPHINCSPlusEngine.Sha2Engine(true, 16, 16, 22, 6, 33, 66)); + new Sha2EngineProvider(true, 16, 16, 22, 6, 33, 66)); public static SPHINCSPlusParameters sha2_128s = new SPHINCSPlusParameters("sha2-128s-robust", - new SPHINCSPlusEngine.Sha2Engine(true, 16, 16, 7, 12, 14, 63)); + new Sha2EngineProvider(true, 16, 16, 7, 12, 14, 63)); public static SPHINCSPlusParameters sha2_192f = new SPHINCSPlusParameters("sha2-192f-robust", - new SPHINCSPlusEngine.Sha2Engine(true, 24, 16, 22, 8, 33, 66)); + new Sha2EngineProvider(true, 24, 16, 22, 8, 33, 66)); public static SPHINCSPlusParameters sha2_192s = new SPHINCSPlusParameters("sha2-192s-robust", - new SPHINCSPlusEngine.Sha2Engine(true, 24, 16, 7, 14, 17, 63)); + new Sha2EngineProvider(true, 24, 16, 7, 14, 17, 63)); public static SPHINCSPlusParameters sha2_256f = new SPHINCSPlusParameters("sha2-256f-robust", - new SPHINCSPlusEngine.Sha2Engine(true, 32, 16, 17, 9, 35, 68)); + new Sha2EngineProvider(true, 32, 16, 17, 9, 35, 68)); public static SPHINCSPlusParameters sha2_256s = new SPHINCSPlusParameters("sha2-256s-robust", - new SPHINCSPlusEngine.Sha2Engine(true, 32, 16, 8, 14, 22, 64)); + new Sha2EngineProvider(true, 32, 16, 8, 14, 22, 64)); public static SPHINCSPlusParameters sha2_128f_simple = new SPHINCSPlusParameters("sha2-128f-simple", - new SPHINCSPlusEngine.Sha2Engine(false, 16, 16, 22, 6, 33, 66)); + new Sha2EngineProvider(false, 16, 16, 22, 6, 33, 66)); public static SPHINCSPlusParameters sha2_128s_simple = new SPHINCSPlusParameters("sha2-128s-simple", - new SPHINCSPlusEngine.Sha2Engine(false, 16, 16, 7, 12, 14, 63)); + new Sha2EngineProvider(false, 16, 16, 7, 12, 14, 63)); 
public static SPHINCSPlusParameters sha2_192f_simple = new SPHINCSPlusParameters("sha2-192f-simple", - new SPHINCSPlusEngine.Sha2Engine(false, 24, 16, 22, 8, 33, 66)); + new Sha2EngineProvider(false, 24, 16, 22, 8, 33, 66)); public static SPHINCSPlusParameters sha2_192s_simple = new SPHINCSPlusParameters("sha2-192s-simple", - new SPHINCSPlusEngine.Sha2Engine(false, 24, 16, 7, 14, 17, 63)); + new Sha2EngineProvider(false, 24, 16, 7, 14, 17, 63)); public static SPHINCSPlusParameters sha2_256f_simple = new SPHINCSPlusParameters("sha2-256f-simple", - new SPHINCSPlusEngine.Sha2Engine(false, 32, 16, 17, 9, 35, 68)); + new Sha2EngineProvider(false, 32, 16, 17, 9, 35, 68)); public static SPHINCSPlusParameters sha2_256s_simple = new SPHINCSPlusParameters("sha2-256s-simple", - new SPHINCSPlusEngine.Sha2Engine(false, 32, 16, 8, 14, 22, 64)); + new Sha2EngineProvider(false, 32, 16, 8, 14, 22, 64)); // SHAKE-256. public static SPHINCSPlusParameters shake_128f = new SPHINCSPlusParameters("shake-128f-robust", - new SPHINCSPlusEngine.Shake256Engine(true, 16, 16, 22, 6, 33, 66)); + new Shake256EngineProvider(true, 16, 16, 22, 6, 33, 66)); public static SPHINCSPlusParameters shake_128s = new SPHINCSPlusParameters("shake-128s-robust", - new SPHINCSPlusEngine.Shake256Engine(true, 16, 16, 7, 12, 14, 63)); + new Shake256EngineProvider(true, 16, 16, 7, 12, 14, 63)); public static SPHINCSPlusParameters shake_192f = new SPHINCSPlusParameters("shake-192f-robust", - new SPHINCSPlusEngine.Shake256Engine(true, 24, 16, 22, 8, 33, 66)); + new Shake256EngineProvider(true, 24, 16, 22, 8, 33, 66)); public static SPHINCSPlusParameters shake_192s = new SPHINCSPlusParameters("shake-192s-robust", - new SPHINCSPlusEngine.Shake256Engine(true, 24, 16, 7, 14, 17, 63)); + new Shake256EngineProvider(true, 24, 16, 7, 14, 17, 63)); public static SPHINCSPlusParameters shake_256f = new SPHINCSPlusParameters("shake-256f-robust", - new SPHINCSPlusEngine.Shake256Engine(true, 32, 16, 17, 9, 35, 68)); + new 
Shake256EngineProvider(true, 32, 16, 17, 9, 35, 68)); public static SPHINCSPlusParameters shake_256s = new SPHINCSPlusParameters("shake-256s-robust", - new SPHINCSPlusEngine.Shake256Engine(true, 32, 16, 8, 14, 22, 64)); + new Shake256EngineProvider(true, 32, 16, 8, 14, 22, 64)); public static SPHINCSPlusParameters shake_128f_simple = new SPHINCSPlusParameters("shake-128f-simple", - new SPHINCSPlusEngine.Shake256Engine(false, 16, 16, 22, 6, 33, 66)); + new Shake256EngineProvider(false, 16, 16, 22, 6, 33, 66)); public static SPHINCSPlusParameters shake_128s_simple = new SPHINCSPlusParameters("shake-128s-simple", - new SPHINCSPlusEngine.Shake256Engine(false, 16, 16, 7, 12, 14, 63)); + new Shake256EngineProvider(false, 16, 16, 7, 12, 14, 63)); public static SPHINCSPlusParameters shake_192f_simple = new SPHINCSPlusParameters("shake-192f-simple", - new SPHINCSPlusEngine.Shake256Engine(false, 24, 16, 22, 8, 33, 66)); + new Shake256EngineProvider(false, 24, 16, 22, 8, 33, 66)); public static SPHINCSPlusParameters shake_192s_simple = new SPHINCSPlusParameters("shake-192s-simple", - new SPHINCSPlusEngine.Shake256Engine(false, 24, 16, 7, 14, 17, 63)); + new Shake256EngineProvider(false, 24, 16, 7, 14, 17, 63)); public static SPHINCSPlusParameters shake_256f_simple = new SPHINCSPlusParameters("shake-256f-simple", - new SPHINCSPlusEngine.Shake256Engine(false, 32, 16, 17, 9, 35, 68)); + new Shake256EngineProvider(false, 32, 16, 17, 9, 35, 68)); public static SPHINCSPlusParameters shake_256s_simple = new SPHINCSPlusParameters("shake-256s-simple", - new SPHINCSPlusEngine.Shake256Engine(false, 32, 16, 8, 14, 22, 64)); + new Shake256EngineProvider(false, 32, 16, 8, 14, 22, 64)); private static uint sphincsPlus_sha2_128f_robust = 0x010101; private static uint sphincsPlus_sha2_128s_robust = 0x010102; 
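Review bot: The parameter-set fields (`sha2_128f` through `shake_256s_simple`) are declared `public static` without `readonly`, so any caller can reassign one of them at runtime; that is shared mutable state of the kind this commit is trying to remove. A reassigned field would also no longer match the instance used as a key in `paramsToOid`. I would declare each as `public static readonly SPHINCSPlusParameters sha2_128f = ...`. In the `@@ -171,17 +181,22 @@` hunk the same applies to `private String name;` and the new `private ISPHINCSPlusEngineProvider engineProvider;`, which that hunk shows assigned only in the constructor and which could be `private readonly`. The class body of `SPHINCSPlusParameters` starts in this hunk and continues beyond it.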
@@ -86,21 +96,21 @@ namespace Org.BouncyCastle.Pqc.Crypto.SphincsPlus private static uint sphincsPlus_sha2_192s_robust = 0x010104; private static uint sphincsPlus_sha2_256f_robust = 0x010105; private static uint sphincsPlus_sha2_256s_robust = 0x010106; - + private static uint sphincsPlus_sha2_128f_simple = 0x010201; private static uint sphincsPlus_sha2_128s_simple = 0x010202; private static uint sphincsPlus_sha2_192f_simple = 0x010203; private static uint sphincsPlus_sha2_192s_simple = 0x010204; private static uint sphincsPlus_sha2_256f_simple = 0x010205; private static uint sphincsPlus_sha2_256s_simple = 0x010206; - + private static uint sphincsPlus_shake_128f_robust = 0x020101; private static uint sphincsPlus_shake_128s_robust = 0x020102; private static uint sphincsPlus_shake_192f_robust = 0x020103; private static uint sphincsPlus_shake_192s_robust = 0x020104; private static uint sphincsPlus_shake_256f_robust = 0x020105; private static uint sphincsPlus_shake_256s_robust = 0x020106; - + private static uint sphincsPlus_shake_128f_simple = 0x020201; private static uint sphincsPlus_shake_128s_simple = 0x020202; private static uint sphincsPlus_shake_192f_simple = 0x020203; 
@@ -155,12 +165,12 @@ namespace Org.BouncyCastle.Pqc.Crypto.SphincsPlus paramsToOid[SPHINCSPlusParameters.sha2_256f_simple] = sphincsPlus_sha2_256f_simple; paramsToOid[SPHINCSPlusParameters.sha2_256s_simple] = sphincsPlus_sha2_256s_simple; - paramsToOid[SPHINCSPlusParameters.shake_128f] = sphincsPlus_shake_128f_robust; - paramsToOid[SPHINCSPlusParameters.shake_128s] = sphincsPlus_shake_128s_robust; - paramsToOid[SPHINCSPlusParameters.shake_192f] = sphincsPlus_shake_192f_robust; - paramsToOid[SPHINCSPlusParameters.shake_192s] = sphincsPlus_shake_192s_robust; - paramsToOid[SPHINCSPlusParameters.shake_256f] = sphincsPlus_shake_256f_robust; - paramsToOid[SPHINCSPlusParameters.shake_256s] = sphincsPlus_shake_256s_robust; + paramsToOid[SPHINCSPlusParameters.shake_128f] = sphincsPlus_shake_128f_robust; + paramsToOid[SPHINCSPlusParameters.shake_128s] = sphincsPlus_shake_128s_robust; + paramsToOid[SPHINCSPlusParameters.shake_192f] = sphincsPlus_shake_192f_robust; + paramsToOid[SPHINCSPlusParameters.shake_192s] = sphincsPlus_shake_192s_robust; + paramsToOid[SPHINCSPlusParameters.shake_256f] = sphincsPlus_shake_256f_robust; + paramsToOid[SPHINCSPlusParameters.shake_256s] = sphincsPlus_shake_256s_robust; paramsToOid[SPHINCSPlusParameters.shake_128f_simple] = sphincsPlus_shake_128f_simple; paramsToOid[SPHINCSPlusParameters.shake_128s_simple] = sphincsPlus_shake_128s_simple; 
@@ -171,17 +181,22 @@ namespace Org.BouncyCastle.Pqc.Crypto.SphincsPlus } private String name; - private SPHINCSPlusEngine engine; + private ISPHINCSPlusEngineProvider engineProvider; - private SPHINCSPlusParameters(String name, SPHINCSPlusEngine engine) + private SPHINCSPlusParameters(String name, ISPHINCSPlusEngineProvider engineProvider) { this.name = name; - this.engine = engine; + this.engineProvider = engineProvider; } public String Name => name; - internal SPHINCSPlusEngine Engine => engine; + internal int N => engineProvider.N; + + internal SPHINCSPlusEngine GetEngine() + { + return engineProvider.Get(); + } /** * Return the SPHINCS+ parameters that map to the passed in parameter ID. @@ -191,7 +206,7 @@ namespace Org.BouncyCastle.Pqc.Crypto.SphincsPlus */ public static SPHINCSPlusParameters GetParams(uint id) { - return (SPHINCSPlusParameters) oidToParams[id]; + return (SPHINCSPlusParameters)oidToParams[id]; } /** 
@@ -210,4 +225,62 @@ namespace Org.BouncyCastle.Pqc.Crypto.SphincsPlus return Pack.UInt32_To_BE(GetID(this)); } } + + class Sha2EngineProvider : ISPHINCSPlusEngineProvider + { + private readonly bool robust; + private readonly int n; + private readonly uint w; + private readonly uint d; + private readonly int a; + private readonly int k; + private readonly uint h; + + internal Sha2EngineProvider(bool robust, int n, uint w, uint d, int a, int k, uint h) + { + this.robust = robust; + this.n = n; + this.w = w; + this.d = d; + this.a = a; + this.k = k; + this.h = h; + } + + public int N => this.n; + + public SPHINCSPlusEngine Get() + { + return new SPHINCSPlusEngine.Sha2Engine(robust, n, w, d, a, k, h); + } + } + + class Shake256EngineProvider : ISPHINCSPlusEngineProvider + { + private readonly bool robust; + private readonly int n; + private readonly uint w; + private readonly uint d; + private readonly int a; + private readonly int k; + private readonly uint h; + + internal Shake256EngineProvider(bool robust, int n, uint w, uint d, int a, int k, uint h) + { + this.robust = robust; + this.n = n; + this.w = w; + this.d = d; + this.a = a; + this.k = k; + this.h = h; + } + + public int N => this.n; + + public SPHINCSPlusEngine Get() + { + return new SPHINCSPlusEngine.Shake256Engine(robust, n, w, d, a, k, h); + } + } } \ No newline at end of file diff --git a/crypto/src/pqc/crypto/sphincsplus/SPHINCSPlusPrivateKeyParameters.cs b/crypto/src/pqc/crypto/sphincsplus/SPHINCSPlusPrivateKeyParameters.cs index 3a42cd8f8..42c20f25d 100644 --- a/crypto/src/pqc/crypto/sphincsplus/SPHINCSPlusPrivateKeyParameters.cs +++ b/crypto/src/pqc/crypto/sphincsplus/SPHINCSPlusPrivateKeyParameters.cs 
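Review bot: Neither `Get()` implementation here, nor the `ISPHINCSPlusEngineProvider` declaration in the first hunk of this file, states that a new engine must be returned on every call, although the thread-safety fix presumably depends on exactly that (the engine classes are not shown, so their mutable state is inferred from the commit message). A later change that caches the engine inside a provider would silently restore sharing across threads. I would add above each `Get()`: `// Returns a new engine per call; engines are not safe to share between threads.` The two providers are otherwise identical apart from the engine type they construct, so a shared base class holding the seven fields would remove the duplication.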
@@ -14,7 +14,7 @@ namespace Org.BouncyCastle.Pqc.Crypto.SphincsPlus public SPHINCSPlusPrivateKeyParameters(SPHINCSPlusParameters parameters, byte[] skpkEncoded) : base(true, parameters) { - int n = parameters.Engine.N; + int n = parameters.N; if (skpkEncoded.Length != 4 * n) { throw new ArgumentException("private key encoding does not match parameters"); diff --git a/crypto/src/pqc/crypto/sphincsplus/SPHINCSPlusPublicKeyParameters.cs b/crypto/src/pqc/crypto/sphincsplus/SPHINCSPlusPublicKeyParameters.cs index 24edd38b3..429234ee7 100644 --- a/crypto/src/pqc/crypto/sphincsplus/SPHINCSPlusPublicKeyParameters.cs +++ b/crypto/src/pqc/crypto/sphincsplus/SPHINCSPlusPublicKeyParameters.cs @@ -12,7 +12,7 @@ namespace Org.BouncyCastle.Pqc.Crypto.SphincsPlus public SPHINCSPlusPublicKeyParameters(SPHINCSPlusParameters parameters, byte[] pkEncoded) : base(false, parameters) { - int n = parameters.Engine.N; + int n = parameters.N; if (pkEncoded.Length != 2 * n) { throw new ArgumentException("public key encoding does not match parameters"); diff --git a/crypto/src/pqc/crypto/sphincsplus/SPHINCSPlusSigner.cs b/crypto/src/pqc/crypto/sphincsplus/SPHINCSPlusSigner.cs index 7cbb9c1fb..ec0b9691e 100644 --- a/crypto/src/pqc/crypto/sphincsplus/SPHINCSPlusSigner.cs +++ b/crypto/src/pqc/crypto/sphincsplus/SPHINCSPlusSigner.cs @@ -59,7 +59,7 @@ namespace Org.BouncyCastle.Pqc.Crypto.SphincsPlus // # Output: SPHINCS+ signature SIG // init - SPHINCSPlusEngine engine = privKey.GetParameters().Engine; + SPHINCSPlusEngine engine = privKey.GetParameters().GetEngine(); // generate randomizer byte[] optRand = new byte[engine.N]; @@ -118,7 +118,7 @@ namespace Org.BouncyCastle.Pqc.Crypto.SphincsPlus //# Output: bool // init - SPHINCSPlusEngine engine = pubKey.GetParameters().Engine; + SPHINCSPlusEngine engine = pubKey.GetParameters().GetEngine(); Adrs adrs = new Adrs(); SIG sig = new SIG(engine.N, engine.K, engine.A, engine.D, engine.H_PRIME, engine.WOTS_LEN, signature); |
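Review bot: `skpkEncoded.Length` in the private-key constructor and `pkEncoded.Length` in the public-key constructor are read with no null guard, so a null encoding surfaces as a NullReferenceException rather than an ArgumentNullException. The same holds for `parameters.N` unless the base constructor already rejects a null `parameters`, which is not visible here. Both constructors are public and take caller-supplied encodings, so I would add `if (pkEncoded == null) throw new ArgumentNullException(nameof(pkEncoded));` (and the `skpkEncoded` equivalent) before the length comparison. Both constructor bodies continue outside their hunks.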