updated SPHINCS+ private key encoding

author: David Hook <david.hook@keyfactor.com> 2023-08-30 17:43:49 +1000
committer: David Hook <david.hook@keyfactor.com> 2023-08-30 17:43:49 +1000
commit: 87084dd908557ec94f92f3f4dd224998a2da227c (patch)
tree: 1ecb9dd45f955c4fae9f56681621df085e785a39 /crypto/src
parent: Merge remote-tracking branch 'refs/remotes/origin/master' (diff)
download: BouncyCastle.NET-ed25519-87084dd908557ec94f92f3f4dd224998a2da227c.tar.xz
4 files changed, 22 insertions, 12 deletions
diff --git a/crypto/src/asn1/bc/BCObjectIdentifiers.cs b/crypto/src/asn1/bc/BCObjectIdentifiers.cs
index 451f846f8..e9d5efdc5 100644
--- a/crypto/src/asn1/bc/BCObjectIdentifiers.cs
+++ b/crypto/src/asn1/bc/BCObjectIdentifiers.cs
@@ -180,6 +180,8 @@ namespace Org.BouncyCastle.Asn1.BC
         public static readonly DerObjectIdentifier sphincsPlus_haraka_256f_r3_simple = sphincsPlus.Branch("36");
 
         // Interop OIDs.
+        public static readonly DerObjectIdentifier sphincsPlus_interop = new DerObjectIdentifier("1.3.9999.6");
+
         public static readonly DerObjectIdentifier sphincsPlus_sha2_128f = new DerObjectIdentifier("1.3.9999.6.4.13");
         public static readonly DerObjectIdentifier sphincsPlus_sha2_128s = new DerObjectIdentifier("1.3.9999.6.4.16");
         public static readonly DerObjectIdentifier sphincsPlus_sha2_192f = new DerObjectIdentifier("1.3.9999.6.5.10");
diff --git a/crypto/src/pqc/crypto/sphincsplus/SPHINCSPlusPrivateKeyParameters.cs b/crypto/src/pqc/crypto/sphincsplus/SPHINCSPlusPrivateKeyParameters.cs
index de9dae2ce..d9353fd4c 100644
--- a/crypto/src/pqc/crypto/sphincsplus/SPHINCSPlusPrivateKeyParameters.cs
+++ b/crypto/src/pqc/crypto/sphincsplus/SPHINCSPlusPrivateKeyParameters.cs
@@ -38,12 +38,12 @@ namespace Org.BouncyCastle.Pqc.Crypto.SphincsPlus
 
         public byte[] GetEncoded()
         {
-            return Arrays.ConcatenateAll(Parameters.GetEncoded(), m_sk.seed, m_sk.prf, m_pk.seed, m_pk.root);
+            return Arrays.ConcatenateAll(m_sk.seed, m_sk.prf, m_pk.seed, m_pk.root);
         }
 
         public byte[] GetEncodedPublicKey()
         {
-            return Arrays.ConcatenateAll(Parameters.GetEncoded(), m_pk.seed, m_pk.root);
+            return Arrays.ConcatenateAll(m_pk.seed, m_pk.root);
         }
 
         public byte[] GetPrf()
diff --git a/crypto/src/pqc/crypto/utils/PqcPrivateKeyFactory.cs b/crypto/src/pqc/crypto/utils/PqcPrivateKeyFactory.cs
index 8058ed695..1fc937e6f 100644
--- a/crypto/src/pqc/crypto/utils/PqcPrivateKeyFactory.cs
+++ b/crypto/src/pqc/crypto/utils/PqcPrivateKeyFactory.cs
@@ -86,14 +86,26 @@ namespace Org.BouncyCastle.Pqc.Crypto.Utilities
 
                 return new FrodoPrivateKeyParameters(spParams, keyEnc);
             }
-            if (algOid.On(BCObjectIdentifiers.sphincsPlus))
+            if (algOid.On(BCObjectIdentifiers.sphincsPlus) || algOid.On(BCObjectIdentifiers.sphincsPlus_interop))
             {
-                SphincsPlusPrivateKey spKey = SphincsPlusPrivateKey.GetInstance(keyInfo.ParsePrivateKey());
+                Asn1Encodable obj = keyInfo.ParsePrivateKey();
                 SphincsPlusParameters spParams = PqcUtilities.SphincsPlusParamsLookup(algOid);
-                SphincsPlusPublicKey publicKey = spKey.PublicKey;
 
-                return new SphincsPlusPrivateKeyParameters(spParams, spKey.GetSkseed(), spKey.GetSkprf(),
-                    publicKey.GetPkseed(), publicKey.GetPkroot());
+                if (obj is Asn1Sequence keySeq) 
+                { 
+                    SphincsPlusPrivateKey spKey = SphincsPlusPrivateKey.GetInstance(keySeq);
+                    
+                    SphincsPlusPublicKey publicKey = spKey.PublicKey;
+
+                    return new SphincsPlusPrivateKeyParameters(spParams, spKey.GetSkseed(), spKey.GetSkprf(),
+                        publicKey.GetPkseed(), publicKey.GetPkroot());
+                }
+                else
+                {
+                    Asn1OctetString oct = Asn1OctetString.GetInstance(obj);
+
+                    return new SphincsPlusPrivateKeyParameters(spParams, oct.GetOctets());
+                }
             }
             if (algOid.On(BCObjectIdentifiers.pqc_kem_saber))
             {
diff --git a/crypto/src/pqc/crypto/utils/PqcPrivateKeyInfoFactory.cs b/crypto/src/pqc/crypto/utils/PqcPrivateKeyInfoFactory.cs
index 1895bf891..4be386ed4 100644
--- a/crypto/src/pqc/crypto/utils/PqcPrivateKeyInfoFactory.cs
+++ b/crypto/src/pqc/crypto/utils/PqcPrivateKeyInfoFactory.cs
@@ -60,12 +60,8 @@ namespace Org.BouncyCastle.Pqc.Crypto.Utilities
             {
                 AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(
                     PqcUtilities.SphincsPlusOidLookup(sphincsPlusPrivateKeyParameters.Parameters));
-                SphincsPlusPublicKey spPub = new SphincsPlusPublicKey(sphincsPlusPrivateKeyParameters.GetPublicSeed(),
-                    sphincsPlusPrivateKeyParameters.GetRoot());
-                SphincsPlusPrivateKey spPriv = new SphincsPlusPrivateKey(0, sphincsPlusPrivateKeyParameters.GetSeed(),
-                    sphincsPlusPrivateKeyParameters.GetPrf(), spPub);
 
-                return new PrivateKeyInfo(algorithmIdentifier, spPriv, attributes);
+                return new PrivateKeyInfo(algorithmIdentifier, new DerOctetString(sphincsPlusPrivateKeyParameters.GetEncoded()), attributes);
             }
             if (privateKey is CmcePrivateKeyParameters cmcePrivateKeyParameters)
             {
author	David Hook <david.hook@keyfactor.com>	2023-08-30 17:43:49 +1000
committer	David Hook <david.hook@keyfactor.com>	2023-08-30 17:43:49 +1000
commit	87084dd908557ec94f92f3f4dd224998a2da227c (patch)
tree	1ecb9dd45f955c4fae9f56681621df085e785a39 /crypto/src
parent	Merge remote-tracking branch 'refs/remotes/origin/master' (diff)
download	BouncyCastle.NET-ed25519-87084dd908557ec94f92f3f4dd224998a2da227c.tar.xz