author | David Hook <dgh@cryptoworkshop.com> | 2023-08-23 16:18:26 +1000 |
---|---|---|
committer | David Hook <dgh@cryptoworkshop.com> | 2023-08-23 16:18:26 +1000 |
commit | bdf66c1d6f5922134fa959a2825d5b324243e3fc (patch) | |
tree | c94a836dba5cf4ef9595dc1d22bf68cfa91eabc4 | |
parent | Improve EdDSA scalar reduction (diff) | |
download | BouncyCastle.NET-ed25519-bdf66c1d6f5922134fa959a2825d5b324243e3fc.tar.xz |
updated SPHINCS+ keys and OIDs
6 files changed, 62 insertions, 9 deletions
diff --git a/crypto/src/asn1/bc/BCObjectIdentifiers.cs b/crypto/src/asn1/bc/BCObjectIdentifiers.cs index fffbb1294..ce1249d38 100644 --- a/crypto/src/asn1/bc/BCObjectIdentifiers.cs +++ b/crypto/src/asn1/bc/BCObjectIdentifiers.cs @@ -179,6 +179,19 @@ namespace Org.BouncyCastle.Asn1.BC public static readonly DerObjectIdentifier sphincsPlus_haraka_256s_r3_simple = sphincsPlus.Branch("35"); public static readonly DerObjectIdentifier sphincsPlus_haraka_256f_r3_simple = sphincsPlus.Branch("36"); + // Interop OIDs. + public static readonly DerObjectIdentifier sphincsPlus_sha2_128s_simple = new DerObjectIdentifier("1.3.9999.6.4.16"); + public static readonly DerObjectIdentifier sphincsPlus_sha2_128f_simple = new DerObjectIdentifier("1.3.9999.6.4.13"); + public static readonly DerObjectIdentifier sphincsPlus_shake_128f_simple = new DerObjectIdentifier("1.3.9999.6.7.4"); + + public static readonly DerObjectIdentifier sphincsPlus_sha2_192s_simple = new DerObjectIdentifier("1.3.9999.6.5.12"); + public static readonly DerObjectIdentifier sphincsPlus_sha2_192f_simple = new DerObjectIdentifier("1.3.9999.6.5.10"); + public static readonly DerObjectIdentifier sphincsPlus_shake_192f_simple = new DerObjectIdentifier("1.3.9999.6.8.3"); + + public static readonly DerObjectIdentifier sphincsPlus_sha2_256s_simple = new DerObjectIdentifier("1.3.9999.6.6.12"); + public static readonly DerObjectIdentifier sphincsPlus_sha2_256f_simple = new DerObjectIdentifier("1.3.9999.6.6.10"); + public static readonly DerObjectIdentifier sphincsPlus_shake_256f_simple = new DerObjectIdentifier("1.3.9999.6.9.3"); + [Obsolete("Will be removed - name is erroneous")] public static readonly DerObjectIdentifier sphincsPlus_shake_256 = sphincsPlus.Branch("1"); [Obsolete("Will be removed - name is erroneous")] diff --git a/crypto/src/pqc/crypto/sphincsplus/SPHINCSPlusPublicKeyParameters.cs b/crypto/src/pqc/crypto/sphincsplus/SPHINCSPlusPublicKeyParameters.cs index 13028ea1b..7536e1a89 100644 
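Review bot: The `// Interop OIDs.` comment does not say which implementation or registry these nine identifiers are meant to match, and the values are full literals under `1.3.9999` rather than branches of an existing constant like the `sphincsPlus.Branch(...)` entries above them. The trailing arcs are not sequential (`.16`/`.13`, `.12`/`.10`), so a transposed value would be hard to spot in review and would presumably bind a key to the wrong parameter set without any error. I would expand the comment to something like `// Interop OIDs (outside the BC arc): values taken from <source table - placeholder>; keep in sync with it.` with the actual source filled in. The enclosing class starts and ends outside the hunk.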
--- a/crypto/src/pqc/crypto/sphincsplus/SPHINCSPlusPublicKeyParameters.cs +++ b/crypto/src/pqc/crypto/sphincsplus/SPHINCSPlusPublicKeyParameters.cs @@ -27,7 +27,7 @@ namespace Org.BouncyCastle.Pqc.Crypto.SphincsPlus public byte[] GetEncoded() { - return Arrays.ConcatenateAll(Parameters.GetEncoded(), m_pk.seed, m_pk.root); + return Arrays.ConcatenateAll(m_pk.seed, m_pk.root); } public byte[] GetRoot() diff --git a/crypto/src/pqc/crypto/utils/PqcPublicKeyFactory.cs b/crypto/src/pqc/crypto/utils/PqcPublicKeyFactory.cs index 5dcd7ab0c..73a553d0e 100644 --- a/crypto/src/pqc/crypto/utils/PqcPublicKeyFactory.cs +++ b/crypto/src/pqc/crypto/utils/PqcPublicKeyFactory.cs @@ -142,6 +142,16 @@ namespace Org.BouncyCastle.Pqc.Crypto.Utilities Converters[BCObjectIdentifiers.sphincsPlus_shake_256f_r3] = new SphincsPlusConverter(); Converters[BCObjectIdentifiers.sphincsPlus_haraka_256s_r3] = new SphincsPlusConverter(); Converters[BCObjectIdentifiers.sphincsPlus_haraka_256f_r3] = new SphincsPlusConverter(); + + Converters[BCObjectIdentifiers.sphincsPlus_sha2_128s_simple] = new SphincsPlusConverter(); + Converters[BCObjectIdentifiers.sphincsPlus_sha2_128f_simple] = new SphincsPlusConverter(); + Converters[BCObjectIdentifiers.sphincsPlus_shake_128f_simple] = new SphincsPlusConverter(); + Converters[BCObjectIdentifiers.sphincsPlus_sha2_192s_simple] = new SphincsPlusConverter(); + Converters[BCObjectIdentifiers.sphincsPlus_sha2_192f_simple] = new SphincsPlusConverter(); + Converters[BCObjectIdentifiers.sphincsPlus_shake_192f_simple] = new SphincsPlusConverter(); + Converters[BCObjectIdentifiers.sphincsPlus_sha2_256s_simple] = new SphincsPlusConverter(); + Converters[BCObjectIdentifiers.sphincsPlus_sha2_256f_simple] = new SphincsPlusConverter(); + Converters[BCObjectIdentifiers.sphincsPlus_shake_256f_simple] = new SphincsPlusConverter(); } /// <summary> Create a public key from a SubjectPublicKeyInfo encoding</summary> 
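Review bot: `GetEncoded()` is public and carries no doc comment recording that its output changed from parameter prefix, seed, root to bare seed and root, so callers that stored or compared the old bytes get no warning. The test hunks later in this commit still expect the private-key `GetEncoded()` to carry the `Parameters.GetEncoded()` prefix, so the two encodings are now asymmetric. I would add `/// <summary>Returns seed || root with no parameter-set prefix; the parameter set must be carried separately, e.g. by the algorithm OID.</summary>` above the method. The class body continues outside the hunk.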
@@ -219,11 +229,22 @@ namespace Org.BouncyCastle.Pqc.Crypto.Utilities { internal override AsymmetricKeyParameter GetPublicKeyParameters(SubjectPublicKeyInfo keyInfo, object defaultParams) { - byte[] keyEnc = Asn1OctetString.GetInstance(keyInfo.ParsePublicKey()).GetOctets(); + try + { + byte[] keyEnc = Asn1OctetString.GetInstance(keyInfo.ParsePublicKey()).GetOctets(); - SphincsPlusParameters spParams = PqcUtilities.SphincsPlusParamsLookup(keyInfo.Algorithm.Algorithm); + SphincsPlusParameters spParams = PqcUtilities.SphincsPlusParamsLookup(keyInfo.Algorithm.Algorithm); - return new SphincsPlusPublicKeyParameters(spParams, Arrays.CopyOfRange(keyEnc, 4, keyEnc.Length)); + return new SphincsPlusPublicKeyParameters(spParams, Arrays.CopyOfRange(keyEnc, 4, keyEnc.Length)); + } + catch (Exception e) + { + byte[] keyEnc = keyInfo.PublicKey.GetOctets(); + + SphincsPlusParameters spParams = PqcUtilities.SphincsPlusParamsLookup(keyInfo.Algorithm.Algorithm); + + return new SPHINCSPlusPublicKeyParameters(spParams, keyEnc); + } } } diff --git a/crypto/src/pqc/crypto/utils/PqcSubjectPublicKeyInfoFactory.cs b/crypto/src/pqc/crypto/utils/PqcSubjectPublicKeyInfoFactory.cs index 7b1142607..d99b5966b 100644 --- a/crypto/src/pqc/crypto/utils/PqcSubjectPublicKeyInfoFactory.cs +++ b/crypto/src/pqc/crypto/utils/PqcSubjectPublicKeyInfoFactory.cs @@ -60,7 +60,7 @@ namespace Org.BouncyCastle.Pqc.Crypto.Utilities AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier( PqcUtilities.SphincsPlusOidLookup(sphincsPlusPublicKeyParameters.Parameters)); - return new SubjectPublicKeyInfo(algorithmIdentifier, new DerOctetString(encoding)); + return new SubjectPublicKeyInfo(algorithmIdentifier, encoding); } if (publicKey is CmcePublicKeyParameters cmcePublicKeyParameters) { diff --git a/crypto/src/pqc/crypto/utils/PqcUtilities.cs b/crypto/src/pqc/crypto/utils/PqcUtilities.cs index 5172733fd..c0093c33c 100644 --- a/crypto/src/pqc/crypto/utils/PqcUtilities.cs 
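Review bot: The `catch (Exception e)` in `GetPublicKeyParameters` treats any failure of the legacy path as the signal that the key is in the raw format, so the choice of encoding depends on whether externally supplied bytes happen to parse. A raw key whose leading bytes form a valid OCTET STRING header would go down the legacy branch and lose four bytes to `Arrays.CopyOfRange(keyEnc, 4, keyEnc.Length)`, and an exception from `SphincsPlusParamsLookup` is swallowed only for the same lookup to run again. Choosing the branch by comparing the bit-string length with the seed-plus-root size of the looked-up parameter set, and rejecting anything else, would make the decision explicit and add a length check that is not visible in the raw branch. Separately, the fallback constructs `SPHINCSPlusPublicKeyParameters` while the `try` branch and the tests use `SphincsPlusPublicKeyParameters`; unless both names exist this will not compile, so `return new SphincsPlusPublicKeyParameters(spParams, keyEnc);`, and `e` is unused.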
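Review bot: In `PqcSubjectPublicKeyInfoFactory`, `new SubjectPublicKeyInfo(algorithmIdentifier, encoding)` now applies to every SPHINCS+ parameter set, including keys whose OID comes from the existing `_r3` entries, not only the new interop OIDs. The removed lines in `PqcPublicKeyFactory` show that a reader built before this commit expects an OCTET STRING with a four-byte prefix under those OIDs, so keys written by the new code under legacy OIDs would presumably be rejected or misread there. If that break is intended, a comment at this line saying so would help; otherwise keep the wrapped form for the legacy OIDs and use the raw form only for the interop ones. The enclosing method starts and ends outside the hunk.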
+++ b/crypto/src/pqc/crypto/utils/PqcUtilities.cs @@ -234,6 +234,16 @@ namespace Org.BouncyCastle.Pqc.Crypto.Utilities sphincsPlusOids[SphincsPlusParameters.haraka_256s] = BCObjectIdentifiers.sphincsPlus_haraka_256s_r3; sphincsPlusOids[SphincsPlusParameters.haraka_256f] = BCObjectIdentifiers.sphincsPlus_haraka_256f_r3; + sphincsPlusOids[SphincsPlusParameters.sha2_128s_simple] = BCObjectIdentifiers.sphincsPlus_sha2_128s_simple; + sphincsPlusOids[SphincsPlusParameters.sha2_128f_simple] = BCObjectIdentifiers.sphincsPlus_sha2_128f_simple; + sphincsPlusOids[SphincsPlusParameters.shake_128f_simple] = BCObjectIdentifiers.sphincsPlus_shake_128f_simple; + sphincsPlusOids[SphincsPlusParameters.sha2_192s_simple] = BCObjectIdentifiers.sphincsPlus_sha2_192s_simple; + sphincsPlusOids[SphincsPlusParameters.sha2_192f_simple] = BCObjectIdentifiers.sphincsPlus_sha2_192f_simple; + sphincsPlusOids[SphincsPlusParameters.shake_192f_simple] = BCObjectIdentifiers.sphincsPlus_shake_192f_simple; + sphincsPlusOids[SphincsPlusParameters.sha2_256s_simple] = BCObjectIdentifiers.sphincsPlus_sha2_256s_simple; + sphincsPlusOids[SphincsPlusParameters.sha2_256f_simple] = BCObjectIdentifiers.sphincsPlus_sha2_256f_simple; + sphincsPlusOids[SphincsPlusParameters.shake_256f_simple] = BCObjectIdentifiers.sphincsPlus_shake_256f_simple; + sphincsPlusParams[BCObjectIdentifiers.sphincsPlus_sha2_128s_r3] = SphincsPlusParameters.sha2_128s; sphincsPlusParams[BCObjectIdentifiers.sphincsPlus_sha2_128f_r3] = SphincsPlusParameters.sha2_128f; sphincsPlusParams[BCObjectIdentifiers.sphincsPlus_shake_128s_r3] = SphincsPlusParameters.shake_128s; 
@@ -252,6 +262,15 @@ namespace Org.BouncyCastle.Pqc.Crypto.Utilities sphincsPlusParams[BCObjectIdentifiers.sphincsPlus_shake_256f_r3] = SphincsPlusParameters.shake_256f; sphincsPlusParams[BCObjectIdentifiers.sphincsPlus_haraka_256s_r3] = SphincsPlusParameters.haraka_256s; sphincsPlusParams[BCObjectIdentifiers.sphincsPlus_haraka_256f_r3] = SphincsPlusParameters.haraka_256f; + sphincsPlusParams[BCObjectIdentifiers.sphincsPlus_sha2_128s_simple = SphincsPlusParameters.sha2_128s_simple; + sphincsPlusParams[BCObjectIdentifiers.sphincsPlus_sha2_128f_simple = SphincsPlusParameters.sha2_128f_simple; + sphincsPlusParams[BCObjectIdentifiers.sphincsPlus_shake_128f_simple = SphincsPlusParameters.shake_128f_simple; + sphincsPlusParams[BCObjectIdentifiers.sphincsPlus_sha2_192s_simple = SphincsPlusParameters.sha2_192s_simple; + sphincsPlusParams[BCObjectIdentifiers.sphincsPlus_sha2_192f_simple = SphincsPlusParameters.sha2_192f_simple; + sphincsPlusParams[BCObjectIdentifiers.sphincsPlus_shake_192f_simple = SphincsPlusParameters.shake_192f_simple; + sphincsPlusParams[BCObjectIdentifiers.sphincsPlus_sha2_256s_simple = SphincsPlusParameters.sha2_256s_simple; + sphincsPlusParams[BCObjectIdentifiers.sphincsPlus_sha2_256f_simple = SphincsPlusParameters.sha2_256f_simple; + sphincsPlusParams[BCObjectIdentifiers.sphincsPlus_shake_256f_simple] = SphincsPlusParameters.shake_256f_simple; } internal static DerObjectIdentifier McElieceOidLookup(CmceParameters parameters) diff --git a/crypto/test/src/pqc/crypto/test/SphincsPlusTest.cs b/crypto/test/src/pqc/crypto/test/SphincsPlusTest.cs index 2f46a6028..ce09f7181 100644 --- a/crypto/test/src/pqc/crypto/test/SphincsPlusTest.cs +++ b/crypto/test/src/pqc/crypto/test/SphincsPlusTest.cs 
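Review bot: Eight of the nine added `sphincsPlusParams[...]` lines are missing the closing `]` before `=`, for example `sphincsPlusParams[BCObjectIdentifiers.sphincsPlus_sha2_128s_simple = SphincsPlusParameters.sha2_128s_simple;`; only the `shake_256f_simple` line is well-formed. As shown on the page this is a syntax error, so the OID-to-parameter lookup used when decoding keys cannot build. Each line should read like `sphincsPlusParams[BCObjectIdentifiers.sphincsPlus_sha2_128s_simple] = SphincsPlusParameters.sha2_128s_simple;`, and likewise for the other seven. The enclosing block starts outside the hunk.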
@@ -116,7 +116,7 @@ namespace Org.BouncyCastle.Pqc.Crypto.Tests SphincsPlusPublicKeyParameters pubParams = (SphincsPlusPublicKeyParameters)kp.Public; SphincsPlusPrivateKeyParameters privParams = (SphincsPlusPrivateKeyParameters)kp.Private; - Assert.True(Arrays.AreEqual(Arrays.Concatenate(pubParams.Parameters.GetEncoded(), Hex.Decode("3e784ccb7ebcdcfd45542b7f6af778742e0f4479175084aa488b3b74340678aa6ba9430051e61cb676e8449087b938a79575b3a16736ce68a3655a28001155f5")), pubParams.GetEncoded())); + Assert.True(Arrays.AreEqual(Hex.Decode("3e784ccb7ebcdcfd45542b7f6af778742e0f4479175084aa488b3b74340678aa6ba9430051e61cb676e8449087b938a79575b3a16736ce68a3655a28001155f5"), pubParams.GetEncoded())); Assert.True(Arrays.AreEqual(Arrays.Concatenate(privParams.Parameters.GetEncoded(), Hex.Decode("7c9935a0b07694aa0c6d10e4db6b1add2fd81a25ccb148032dcd739936737f2db505d7cfad1b497499323c8686325e4792f267aafa3f87ca60d01cb54f29202a3e784ccb7ebcdcfd45542b7f6af778742e0f4479175084aa488b3b74340678aa6ba9430051e61cb676e8449087b938a79575b3a16736ce68a3655a28001155f5")), privParams.GetEncoded())); SubjectPublicKeyInfo pubInfo = PqcSubjectPublicKeyInfoFactory.CreateSubjectPublicKeyInfo(pubParams); 
@@ -125,7 +125,7 @@ namespace Org.BouncyCastle.Pqc.Crypto.Tests pubParams = (SphincsPlusPublicKeyParameters)PqcPublicKeyFactory.CreateKey(pubInfo.GetEncoded()); privParams = (SphincsPlusPrivateKeyParameters)PqcPrivateKeyFactory.CreateKey(privInfo.GetEncoded()); - Assert.True(Arrays.AreEqual(Arrays.Concatenate(pubParams.Parameters.GetEncoded(), Hex.Decode("3e784ccb7ebcdcfd45542b7f6af778742e0f4479175084aa488b3b74340678aa6ba9430051e61cb676e8449087b938a79575b3a16736ce68a3655a28001155f5")), pubParams.GetEncoded())); + Assert.True(Arrays.AreEqual(Hex.Decode("3e784ccb7ebcdcfd45542b7f6af778742e0f4479175084aa488b3b74340678aa6ba9430051e61cb676e8449087b938a79575b3a16736ce68a3655a28001155f5"), pubParams.GetEncoded())); Assert.True(Arrays.AreEqual(Arrays.Concatenate(privParams.Parameters.GetEncoded(), Hex.Decode("7c9935a0b07694aa0c6d10e4db6b1add2fd81a25ccb148032dcd739936737f2db505d7cfad1b497499323c8686325e4792f267aafa3f87ca60d01cb54f29202a3e784ccb7ebcdcfd45542b7f6af778742e0f4479175084aa488b3b74340678aa6ba9430051e61cb676e8449087b938a79575b3a16736ce68a3655a28001155f5")), privParams.GetEncoded())); } 
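Review bot: The round trip through `PqcPublicKeyFactory.CreateKey(pubInfo.GetEncoded())` now feeds the factory only the new raw encoding, so within the visible hunks nothing exercises the legacy OCTET STRING branch that the factory still keeps. A fixed legacy-encoded SubjectPublicKeyInfo vector decoded here and compared with the same expected bytes would keep that branch covered. A round trip for one of the new `_simple` interop OIDs would also cover the added table entries. The test method starts outside the hunk, so such cases may already exist elsewhere in the file.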
@@ -135,7 +135,7 @@ namespace Org.BouncyCastle.Pqc.Crypto.Tests SphincsPlusPublicKeyParameters pubParams = new SphincsPlusPublicKeyParameters(SphincsPlusParameters.sha2_128f, Hex.Decode("b505d7cfad1b497499323c8686325e473985e5a31e5b9a0457916c84320c2ea8")); SphincsPlusPrivateKeyParameters privParams = new SphincsPlusPrivateKeyParameters(SphincsPlusParameters.sha2_128f, Hex.Decode("7c9935a0b07694aa0c6d10e4db6b1add2fd81a25ccb148032dcd739936737f2db505d7cfad1b497499323c8686325e473985e5a31e5b9a0457916c84320c2ea8")); - Assert.True(Arrays.AreEqual(Arrays.Concatenate(pubParams.Parameters.GetEncoded(), Hex.Decode("b505d7cfad1b497499323c8686325e473985e5a31e5b9a0457916c84320c2ea8")), pubParams.GetEncoded())); + Assert.True(Arrays.AreEqual(Hex.Decode("b505d7cfad1b497499323c8686325e473985e5a31e5b9a0457916c84320c2ea8"), pubParams.GetEncoded())); Assert.True(Arrays.AreEqual(Arrays.Concatenate(privParams.Parameters.GetEncoded(), Hex.Decode("7c9935a0b07694aa0c6d10e4db6b1add2fd81a25ccb148032dcd739936737f2db505d7cfad1b497499323c8686325e473985e5a31e5b9a0457916c84320c2ea8")), privParams.GetEncoded())); byte[] msg = Hex.Decode("D81C4D8D734FCBFBEADE3D3F8A039FAA2A2C9957E835AD55B22E75BF57BB556AC8"); @@ -462,7 +462,7 @@ namespace Org.BouncyCastle.Pqc.Crypto.Tests PqcPrivateKeyInfoFactory.CreatePrivateKeyInfo(privParams)); } - Assert.True(Arrays.AreEqual(Arrays.Concatenate(pubParams.Parameters.GetEncoded(), pk), pubParams.GetEncoded()), name + " " + count + ": public key"); + Assert.True(Arrays.AreEqual(pk, pubParams.GetEncoded()), name + " " + count + ": public key"); Assert.True(Arrays.AreEqual(Arrays.Concatenate(privParams.Parameters.GetEncoded(), sk), privParams.GetEncoded()), name + " " + count + ": secret key"); // |