authorDavid Hook <david.hook@keyfactor.com>2023-08-27 13:47:24 +1000
committerDavid Hook <david.hook@keyfactor.com>2023-08-27 13:47:24 +1000
commit6ed8b6b6cec6913c19478c2c9b54a7cf87e762d7 (patch)
tree5a62c7d01b3fa27b0539be8fa2c3269ff2b21fc2 /crypto/src/pqc
parentmarked sphincs+ robust as obsolete (diff)
downloadBouncyCastle.NET-ed25519-6ed8b6b6cec6913c19478c2c9b54a7cf87e762d7.tar.xz
modified Kyber/Dilithium private keys to be in line with OQS
Diffstat (limited to 'crypto/src/pqc')
-rw-r--r--crypto/src/pqc/crypto/crystals/dilithium/DilithiumPrivateKeyParameters.cs22
-rw-r--r--crypto/src/pqc/crypto/crystals/kyber/KyberPrivateKeyParameters.cs13
-rw-r--r--crypto/src/pqc/crypto/utils/PqcPrivateKeyFactory.cs39
-rw-r--r--crypto/src/pqc/crypto/utils/PqcPrivateKeyInfoFactory.cs24
4 files changed, 46 insertions, 52 deletions
diff --git a/crypto/src/pqc/crypto/crystals/dilithium/DilithiumPrivateKeyParameters.cs b/crypto/src/pqc/crypto/crystals/dilithium/DilithiumPrivateKeyParameters.cs
index 66a518c93..cf18ce56e 100644
--- a/crypto/src/pqc/crypto/crystals/dilithium/DilithiumPrivateKeyParameters.cs
+++ b/crypto/src/pqc/crypto/crystals/dilithium/DilithiumPrivateKeyParameters.cs
@@ -27,6 +27,28 @@ namespace Org.BouncyCastle.Pqc.Crypto.Crystals.Dilithium
             m_t1 = Arrays.Clone(t1);
         }
 
+        public DilithiumPrivateKeyParameters(DilithiumParameters parameters, byte[] encoding, DilithiumPublicKeyParameters pubKey)
+    : base(true, parameters)
+        {
+            DilithiumEngine eng = parameters.GetEngine(null);
+
+            int index = 0;
+            m_rho = Arrays.CopyOfRange(encoding, 0, DilithiumEngine.SeedBytes); index += DilithiumEngine.SeedBytes;
+            m_k = Arrays.CopyOfRange(encoding, index, index + DilithiumEngine.SeedBytes); index += DilithiumEngine.SeedBytes;
+            m_tr = Arrays.CopyOfRange(encoding, index, index + DilithiumEngine.TrBytes); index += DilithiumEngine.TrBytes;
+            int delta = eng.L * eng.PolyEtaPackedBytes;
+            m_s1 = Arrays.CopyOfRange(encoding, index, index + delta); index += delta;
+            delta = eng.K * eng.PolyEtaPackedBytes;
+            m_s2 = Arrays.CopyOfRange(encoding, index, index + delta); index += delta;
+            delta = eng.K * DilithiumEngine.PolyT0PackedBytes;
+            m_t0 = Arrays.CopyOfRange(encoding, index, index + delta);
+
+            if (pubKey != null)
+            {
+                m_t1 = Arrays.Clone(pubKey.GetT1());
+            }
+        }
+
         public byte[] GetEncoded() => Arrays.ConcatenateAll(m_rho, m_k, m_tr, m_s1, m_s2, m_t0);
 
         public byte[] K => Arrays.Clone(m_k);
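Review bot: The new `DilithiumPrivateKeyParameters(parameters, encoding, pubKey)` constructor slices `encoding` at fixed offsets without first checking that it is non-null and exactly the expected length, and the Kyber constructor added in KyberPrivateKeyParameters.cs has the same gap. PqcPrivateKeyFactory now passes the raw octets of a parsed PrivateKeyInfo into these constructors, so a truncated or oversized blob reaches `Arrays.CopyOfRange` directly. Depending on how that helper treats a short source (not visible here), the result is either an unhelpful range exception or silently padded key components, and trailing bytes are ignored either way. I would compute the length up front, `int expected = 2 * DilithiumEngine.SeedBytes + DilithiumEngine.TrBytes + (eng.L + eng.K) * eng.PolyEtaPackedBytes + eng.K * DilithiumEngine.PolyT0PackedBytes;`, and reject anything else with `if (encoding == null || encoding.Length != expected) throw new ArgumentException("invalid Dilithium private key encoding", nameof(encoding));`. The `: base(true, parameters)` line is also indented differently from the Kyber constructor added in the same commit.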
diff --git a/crypto/src/pqc/crypto/crystals/kyber/KyberPrivateKeyParameters.cs b/crypto/src/pqc/crypto/crystals/kyber/KyberPrivateKeyParameters.cs
index 08b4fbe86..594df1e05 100644
--- a/crypto/src/pqc/crypto/crystals/kyber/KyberPrivateKeyParameters.cs
+++ b/crypto/src/pqc/crypto/crystals/kyber/KyberPrivateKeyParameters.cs
@@ -22,6 +22,19 @@ namespace Org.BouncyCastle.Pqc.Crypto.Crystals.Kyber
             m_rho = Arrays.Clone(rho);
         }
 
+        public KyberPrivateKeyParameters(KyberParameters parameters, byte[] encoding)
+            : base(true, parameters)
+        {
+            KyberEngine eng = parameters.Engine;
+
+            int index = 0;
+            m_s = Arrays.CopyOfRange(encoding, 0, eng.IndCpaSecretKeyBytes); index += eng.IndCpaSecretKeyBytes;
+            m_t = Arrays.CopyOfRange(encoding, index, index + eng.IndCpaPublicKeyBytes - KyberEngine.SymBytes); index += eng.IndCpaPublicKeyBytes - KyberEngine.SymBytes;
+            m_rho = Arrays.CopyOfRange(encoding, index, index + 32); index += 32;
+            m_hpk = Arrays.CopyOfRange(encoding, index, index + 32); index += 32;
+            m_nonce = Arrays.CopyOfRange(encoding, index, index + KyberEngine.SymBytes);       
+        }
+
         public byte[] GetEncoded() => Arrays.ConcatenateAll(m_s, m_t, m_rho, m_hpk, m_nonce);
 
         public byte[] GetHpk() => Arrays.Clone(m_hpk);
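Review bot: The offsets for `m_rho` and `m_hpk` use a literal `32` while the `m_t` and `m_nonce` lines use `KyberEngine.SymBytes`, so the layout is written with two spellings of what is presumably the same size. Using the constant throughout, e.g. `m_rho = Arrays.CopyOfRange(encoding, index, index + KyberEngine.SymBytes); index += KyberEngine.SymBytes;`, keeps the parser tied to `GetEncoded()` if the constant changes. A one-line comment such as `// layout: s | t | rho | hpk | nonce, must match GetEncoded()` would document the dependency between the two members. The `m_nonce` line also carries trailing whitespace.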
diff --git a/crypto/src/pqc/crypto/utils/PqcPrivateKeyFactory.cs b/crypto/src/pqc/crypto/utils/PqcPrivateKeyFactory.cs
index c1e3feb1b..8058ed695 100644
--- a/crypto/src/pqc/crypto/utils/PqcPrivateKeyFactory.cs
+++ b/crypto/src/pqc/crypto/utils/PqcPrivateKeyFactory.cs
@@ -138,54 +138,29 @@ namespace Org.BouncyCastle.Pqc.Crypto.Utilities
             }
             if (algOid.On(BCObjectIdentifiers.pqc_kem_kyber))
             {
-                KyberPrivateKey kyberKey = KyberPrivateKey.GetInstance(keyInfo.ParsePrivateKey());
+                Asn1OctetString kyberKey = Asn1OctetString.GetInstance(keyInfo.ParsePrivateKey());
                 KyberParameters kyberParams = PqcUtilities.KyberParamsLookup(algOid);
-
-#pragma warning disable CS0618 // Type or member is obsolete
-                KyberPublicKey pubKey = kyberKey.PublicKey;
-#pragma warning restore CS0618 // Type or member is obsolete
-                if (pubKey != null)
-                {
-                    return new KyberPrivateKeyParameters(kyberParams, kyberKey.GetS(), kyberKey.GetHpk(),
-                        kyberKey.GetNonce(), pubKey.T, pubKey.Rho);
-                }
-                return new KyberPrivateKeyParameters(kyberParams, kyberKey.GetS(), kyberKey.GetHpk(),
-                    kyberKey.GetNonce(), null, null);
+     
+                return new KyberPrivateKeyParameters(kyberParams, kyberKey.GetOctets());
             }
             if (algOid.Equals(BCObjectIdentifiers.dilithium2) ||
                 algOid.Equals(BCObjectIdentifiers.dilithium3) ||
-                algOid.Equals(BCObjectIdentifiers.dilithium5) ||
-                algOid.Equals(BCObjectIdentifiers.dilithium2_aes) ||
-                algOid.Equals(BCObjectIdentifiers.dilithium3_aes) ||
-                algOid.Equals(BCObjectIdentifiers.dilithium5_aes))
+                algOid.Equals(BCObjectIdentifiers.dilithium5))
             {
-                Asn1Sequence keyEnc = Asn1Sequence.GetInstance(keyInfo.ParsePrivateKey());
+                Asn1OctetString keyEnc = Asn1OctetString.GetInstance(keyInfo.ParsePrivateKey());
 
                 DilithiumParameters spParams = PqcUtilities.DilithiumParamsLookup(algOid);
 
-                int version = DerInteger.GetInstance(keyEnc[0]).IntValueExact;
-                if (version != 0)
-                    throw new IOException("unknown private key version: " + version);
-
-                byte[] t1 = null;
-
                 DerBitString publicKeyData = keyInfo.PublicKey;
                 if (publicKeyData != null)
                 {
                     var pubParams = PqcPublicKeyFactory.DilithiumConverter.GetPublicKeyParameters(spParams,
                         publicKeyData);
 
-                    t1 = pubParams.GetT1();
+                    return new DilithiumPrivateKeyParameters(spParams, keyEnc.GetOctets(), pubParams);
                 }
 
-                return new DilithiumPrivateKeyParameters(spParams,
-                    DerBitString.GetInstance(keyEnc[1]).GetOctets(),
-                    DerBitString.GetInstance(keyEnc[2]).GetOctets(),
-                    DerBitString.GetInstance(keyEnc[3]).GetOctets(),
-                    DerBitString.GetInstance(keyEnc[4]).GetOctets(),
-                    DerBitString.GetInstance(keyEnc[5]).GetOctets(),
-                    DerBitString.GetInstance(keyEnc[6]).GetOctets(),
-                    t1); // encT1
+                return new DilithiumPrivateKeyParameters(spParams, keyEnc.GetOctets(), null);
             }
             if (algOid.Equals(BCObjectIdentifiers.falcon_512) ||
                 algOid.Equals(BCObjectIdentifiers.falcon_1024))
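Review bot: Both branches now call `Asn1OctetString.GetInstance(keyInfo.ParsePrivateKey())` unconditionally, so a PrivateKeyInfo written by the previous code (the `KyberPrivateKey` structure, or the Dilithium SEQUENCE with a version and BIT STRINGs) will presumably fail inside `GetInstance` with a generic type error instead of being read or rejected with a clear message. If keys stored in the old form exist, either branch on the parsed object's type to keep a legacy path, or catch the mismatch and throw an `IOException` that names the unsupported encoding, in the style of the removed `unknown private key version` check. Keys carrying the `dilithium*_aes` OIDs no longer match this condition and fall through to whatever follows outside the hunk, which deserves a comment or an explicit rejection. The two Dilithium `return` statements differ only in their last argument and could be one call with `pubParams` left null when `publicKeyData` is absent.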
diff --git a/crypto/src/pqc/crypto/utils/PqcPrivateKeyInfoFactory.cs b/crypto/src/pqc/crypto/utils/PqcPrivateKeyInfoFactory.cs
index ad079d5c6..1895bf891 100644
--- a/crypto/src/pqc/crypto/utils/PqcPrivateKeyInfoFactory.cs
+++ b/crypto/src/pqc/crypto/utils/PqcPrivateKeyInfoFactory.cs
@@ -133,33 +133,17 @@ namespace Org.BouncyCastle.Pqc.Crypto.Utilities
             {
                 AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(
                     PqcUtilities.KyberOidLookup(kyberPrivateKeyParameters.Parameters));
-
-#pragma warning disable CS0618 // Type or member is obsolete
-                KyberPublicKey kyberPub = new KyberPublicKey(kyberPrivateKeyParameters.GetT(),
-                    kyberPrivateKeyParameters.GetRho());
-#pragma warning restore CS0618 // Type or member is obsolete
-                KyberPrivateKey kyberPriv = new KyberPrivateKey(0, kyberPrivateKeyParameters.GetS(),
-                    kyberPrivateKeyParameters.GetHpk(), kyberPrivateKeyParameters.GetNonce(), kyberPub);
-
-                return new PrivateKeyInfo(algorithmIdentifier, kyberPriv, attributes);
+                
+                return new PrivateKeyInfo(algorithmIdentifier, new DerOctetString(kyberPrivateKeyParameters.GetEncoded()), attributes);
             }
             if (privateKey is DilithiumPrivateKeyParameters dilithiumPrivateKeyParameters)
             {
-                Asn1EncodableVector v = new Asn1EncodableVector(7);
-                v.Add(new DerInteger(0));
-                v.Add(new DerBitString(dilithiumPrivateKeyParameters.Rho));
-                v.Add(new DerBitString(dilithiumPrivateKeyParameters.K));
-                v.Add(new DerBitString(dilithiumPrivateKeyParameters.Tr));
-                v.Add(new DerBitString(dilithiumPrivateKeyParameters.S1));
-                v.Add(new DerBitString(dilithiumPrivateKeyParameters.S2));
-                v.Add(new DerBitString(dilithiumPrivateKeyParameters.T0));
-
-                AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(
+               AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(
                     PqcUtilities.DilithiumOidLookup(dilithiumPrivateKeyParameters.Parameters));
 
                 DilithiumPublicKeyParameters pubParams = dilithiumPrivateKeyParameters.GetPublicKeyParameters();
 
-                return new PrivateKeyInfo(algorithmIdentifier, new DerSequence(v), attributes, pubParams.GetEncoded());
+                return new PrivateKeyInfo(algorithmIdentifier, new DerOctetString(dilithiumPrivateKeyParameters.GetEncoded()), attributes, pubParams.GetEncoded());
             }
             if (privateKey is BikePrivateKeyParameters bikePrivateKeyParameters)
             {
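Review bot: The Dilithium branch still calls `GetPublicKeyParameters()` and `pubParams.GetEncoded()` unconditionally, but the constructor added in this commit leaves `m_t1` unset when it is given a null `pubKey`, which is what PqcPrivateKeyFactory passes when the PrivateKeyInfo has no public key. `GetPublicKeyParameters()` is not visible here, so this is inferred, but re-encoding such a key looks likely to throw or to emit a public key built from a null t1. A guard that falls back to the three-argument `new PrivateKeyInfo(algorithmIdentifier, new DerOctetString(...), attributes)` form used in the Kyber branch when t1 is missing would make the parse/encode round trip safe. Separately, the `AlgorithmIdentifier` line lost one space of indentation in this change.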