From 86daf64a96babafec6320f078bec76de8f297947 Mon Sep 17 00:00:00 2001
From: Peter Dettman
Date: Sat, 22 Oct 2022 14:00:43 +0700
Subject: Refactoring in Pqc.Crypto.Saber

---
 crypto/src/pqc/crypto/saber/Poly.cs | 62 +++--
 crypto/src/pqc/crypto/saber/SABEREngine.cs | 119 +++------
 crypto/src/pqc/crypto/saber/SABERKEMExtractor.cs | 13 +-
 crypto/src/pqc/crypto/saber/SABERKEMGenerator.cs | 16 +-
 .../crypto/saber/SABERKeyGenerationParameters.cs | 9 +-
 .../src/pqc/crypto/saber/SABERKeyPairGenerator.cs | 7 +-
 crypto/src/pqc/crypto/saber/SABERKeyParameters.cs | 16 +-
 crypto/src/pqc/crypto/saber/SABERParameters.cs | 19 +-
 .../pqc/crypto/saber/SABERPrivateKeyParameters.cs | 16 +-
 .../pqc/crypto/saber/SABERPublicKeyParameters.cs | 19 +-
 crypto/src/pqc/crypto/saber/SaberUtilities.cs | 273 ++++++++++++++++++++
 crypto/src/pqc/crypto/saber/Utils.cs | 274 ---------------------
 .../src/pqc/crypto/utils/PrivateKeyInfoFactory.cs | 23 +-
 .../crypto/utils/SubjectPublicKeyInfoFactory.cs | 24 +-
 crypto/test/src/pqc/crypto/test/SaberVectorTest.cs | 2 +-
 15 files changed, 423 insertions(+), 469 deletions(-)
 create mode 100644 crypto/src/pqc/crypto/saber/SaberUtilities.cs
 delete mode 100644 crypto/src/pqc/crypto/saber/Utils.cs

diff --git a/crypto/src/pqc/crypto/saber/Poly.cs b/crypto/src/pqc/crypto/saber/Poly.cs
index 021f1d0e3..eaae6c9a5 100644
--- a/crypto/src/pqc/crypto/saber/Poly.cs
+++ b/crypto/src/pqc/crypto/saber/Poly.cs
@@ -1,65 +1,59 @@ - using Org.BouncyCastle.Crypto; using Org.BouncyCastle.Crypto.Digests; namespace Org.BouncyCastle.Pqc.Crypto.Saber { - - class Poly + internal class Poly { - private static int KARATSUBA_N = 64; - - private static int SCHB_N = 16; - - private int N_RES; - private int N_SB; - private int N_SB_RES; - private int SABER_N; - private int SABER_L; + private const int KARATSUBA_N = 64; - private SABEREngine engine; - private Utils utils; + //private readonly int N_RES; + private readonly int N_SB; + private readonly int N_SB_RES; + private readonly int SABER_N; + private readonly int SABER_L; + private readonly SaberEngine engine; + private readonly SaberUtilities utils; - public Poly(SABEREngine engine) + public Poly(SaberEngine engine) { this.engine = engine; - this.SABER_L = engine.getSABER_L(); - this.SABER_N = engine.getSABER_N(); - this.N_RES = (SABER_N << 1); - this.N_SB = (SABER_N >> 2); - this.N_SB_RES = (2 * N_SB - 1); - this.utils = engine.GetUtils(); + this.SABER_L = engine.L; + this.SABER_N = engine.N; + //this.N_RES = SABER_N << 1; + this.N_SB = SABER_N >> 2; + this.N_SB_RES = 2 * N_SB - 1; + this.utils = engine.Utilities; } public void GenMatrix(short[][][] A, byte[] seed) { - byte[] buf = new byte[SABER_L * engine.getSABER_POLYVECBYTES()]; + byte[] buf = new byte[SABER_L * engine.PolyVecBytes]; int i; IXof digest = new ShakeDigest(128); - digest.BlockUpdate(seed, 0, engine.getSABER_SEEDBYTES()); + digest.BlockUpdate(seed, 0, engine.SeedBytes); digest.OutputFinal(buf, 0, buf.Length); for (i = 0; i < SABER_L; i++) { - utils.BS2POLVECq(buf, i * engine.getSABER_POLYVECBYTES(), A[i]); + utils.BS2POLVECq(buf, i * engine.PolyVecBytes, A[i]); } } public void GenSecret(short[][] s, byte[] seed) { - byte[] buf = new byte[SABER_L * engine.getSABER_POLYCOINBYTES()]; - int i; + byte[] buf = new byte[SABER_L * engine.PolyCoinBytes]; + IXof digest = new ShakeDigest(128); - digest.BlockUpdate(seed, 0, engine.getSABER_NOISE_SEEDBYTES()); + 
digest.BlockUpdate(seed, 0, engine.NoiseSeedBytes); digest.OutputFinal(buf, 0, buf.Length); - for (i = 0; i < SABER_L; i++) + for (int i = 0; i < SABER_L; i++) { - Cbd(s[i], buf, i * engine.getSABER_POLYCOINBYTES()); + Cbd(s[i], buf, i * engine.PolyCoinBytes); } - } private long LoadLittleEndian(byte[] x, int offset, int bytes) @@ -78,7 +72,7 @@ namespace Org.BouncyCastle.Pqc.Crypto.Saber { int[] a = new int[4], b = new int[4]; int i, j; - if (engine.getSABER_MU() == 6) + if (engine.MU == 6) { int t, d; for (i = 0; i < SABER_N / 4; i++) @@ -103,7 +97,7 @@ namespace Org.BouncyCastle.Pqc.Crypto.Saber s[4 * i + 3] = (short) (a[3] - b[3]); } } - else if (engine.getSABER_MU() == 8) + else if (engine.MU == 8) { int t, d; for (i = 0; i < SABER_N / 4; i++) @@ -129,7 +123,7 @@ namespace Org.BouncyCastle.Pqc.Crypto.Saber s[4 * i + 3] = (short) (a[3] - b[3]); } } - else if (engine.getSABER_MU() == 10) + else if (engine.MU == 10) { long t, d; for (i = 0; i < SABER_N / 4; i++) @@ -435,4 +429,4 @@ namespace Org.BouncyCastle.Pqc.Crypto.Saber } -} \ No newline at end of file +} diff --git a/crypto/src/pqc/crypto/saber/SABEREngine.cs b/crypto/src/pqc/crypto/saber/SABEREngine.cs index a7c8d3ff9..c17efb123 100644 --- a/crypto/src/pqc/crypto/saber/SABEREngine.cs +++ b/crypto/src/pqc/crypto/saber/SABEREngine.cs @@ -1,5 +1,5 @@ - using System; + using Org.BouncyCastle.Crypto; using Org.BouncyCastle.Crypto.Digests; using Org.BouncyCastle.Security; 
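Review bot: The commented-out `//private readonly int N_RES;` and `//this.N_RES = SABER_N << 1;` lines in the Poly field list and constructor should be deleted rather than kept as comments, since the refactor drops the field anyway and commented-out code only drifts from the real one. GenMatrix still declares `int i;` at the top while GenSecret in the same hunk was converted to `for (int i = 0; ...)`; using the loop-scoped form in GenMatrix too would keep the two methods consistent. GenSecret's `buf` holds the expanded secret coins after Cbd has consumed them, so clearing it before returning (e.g. `Arrays.Clear(buf)` from Org.BouncyCastle.Utilities, which Poly.cs does not currently import) limits how long secret-derived material lingers on the heap. Whether the calling engine code already wipes its intermediate buffers is not visible in this hunk.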
@@ -7,103 +7,66 @@ using Org.BouncyCastle.Utilities; namespace Org.BouncyCastle.Pqc.Crypto.Saber { - internal class SABEREngine + internal sealed class SaberEngine { // constant parameters - public static int SABER_EQ = 13; - public static int SABER_EP = 10; - public static int SABER_N = 256; - - private static int SABER_SEEDBYTES = 32; - private static int SABER_NOISE_SEEDBYTES = 32; - private static int SABER_KEYBYTES = 32; - private static int SABER_HASHBYTES = 32; + internal const int SABER_EQ = 13; + internal const int SABER_EP = 10; + internal const int SABER_N = 256; + private const int SABER_SEEDBYTES = 32; + private const int SABER_NOISE_SEEDBYTES = 32; + private const int SABER_KEYBYTES = 32; + private const int SABER_HASHBYTES = 32; // parameters for SABER{n} - private int SABER_L; - private int SABER_MU; - private int SABER_ET; - - private int SABER_POLYCOINBYTES; - private int SABER_POLYBYTES; - private int SABER_POLYVECBYTES; - private int SABER_POLYCOMPRESSEDBYTES; - private int SABER_POLYVECCOMPRESSEDBYTES; - private int SABER_SCALEBYTES_KEM; - private int SABER_INDCPA_PUBLICKEYBYTES; - private int SABER_INDCPA_SECRETKEYBYTES; - private int SABER_PUBLICKEYBYTES; - private int SABER_SECRETKEYBYTES; - private int SABER_BYTES_CCA_DEC; - private int defaultKeySize; + private readonly int SABER_L; + private readonly int SABER_MU; + private readonly int SABER_ET; + + private readonly int SABER_POLYCOINBYTES; + private readonly int SABER_POLYBYTES; + private readonly int SABER_POLYVECBYTES; + private readonly int SABER_POLYCOMPRESSEDBYTES; + private readonly int SABER_POLYVECCOMPRESSEDBYTES; + private readonly int SABER_SCALEBYTES_KEM; + private readonly int SABER_INDCPA_PUBLICKEYBYTES; + private readonly int SABER_INDCPA_SECRETKEYBYTES; + private readonly int SABER_PUBLICKEYBYTES; + private readonly int SABER_SECRETKEYBYTES; + private readonly int SABER_BYTES_CCA_DEC; + private readonly int defaultKeySize; // private int h1; private int h2; - private 
Utils utils; + private SaberUtilities utils; private Poly poly; - public int getSABER_N() - { - return SABER_N; - } + public int N => SABER_N; - public int getSABER_EP() - { - return SABER_EP; - } + public int EP => SABER_EP; - public int getSABER_KEYBYTES() - { - return SABER_KEYBYTES; - } + public int KeyBytes => SABER_KEYBYTES; - public int getSABER_L() - { - return SABER_L; - } + public int L => SABER_L; - public int getSABER_ET() - { - return SABER_ET; - } + public int ET => SABER_ET; - public int getSABER_POLYBYTES() - { - return SABER_POLYBYTES; - } + public int PolyBytes => SABER_POLYBYTES; - public int getSABER_POLYVECBYTES() - { - return SABER_POLYVECBYTES; - } + public int PolyVecBytes => SABER_POLYVECBYTES; - public int getSABER_SEEDBYTES() - { - return SABER_SEEDBYTES; - } + public int SeedBytes => SABER_SEEDBYTES; - public int getSABER_POLYCOINBYTES() - { - return SABER_POLYCOINBYTES; - } + public int PolyCoinBytes => SABER_POLYCOINBYTES; - public int getSABER_NOISE_SEEDBYTES() - { - return SABER_NOISE_SEEDBYTES; - } + public int NoiseSeedBytes => SABER_NOISE_SEEDBYTES; - public int getSABER_MU() - { - return SABER_MU; - } + public int MU => SABER_MU; - public Utils GetUtils() - { - return utils; - } + public SaberUtilities Utilities => utils; public int GetSessionKeySize() { @@ -126,7 +89,7 @@ namespace Org.BouncyCastle.Pqc.Crypto.Saber return SABER_SECRETKEYBYTES; } - public SABEREngine(int l, int defaultKeySize) + internal SaberEngine(int l, int defaultKeySize) { this.defaultKeySize = defaultKeySize; @@ -162,7 +125,7 @@ namespace Org.BouncyCastle.Pqc.Crypto.Saber this.h1 = (1 << (SABER_EQ - SABER_EP - 1)); this.h2 = ((1 << (SABER_EP - 2)) - (1 << (SABER_EP - SABER_ET - 1)) + (1 << (SABER_EQ - SABER_EP - 1))); - utils = new Utils(this); + utils = new SaberUtilities(this); poly = new Poly(this); } @@ -461,4 +424,4 @@ namespace Org.BouncyCastle.Pqc.Crypto.Saber } -} \ No newline at end of file +} 
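Review bot: `private int h2;`, `private SaberUtilities utils;` and `private Poly poly;` in the SaberEngine field block are only assigned in the constructor (`this.h2 = ...`, `utils = new SaberUtilities(this);`, `poly = new Poly(this);` in the later hunks) yet were left out of the readonly pass the commit applies to every other instance field; marking them `private readonly` keeps the engine's parameter state immutable after construction like the rest. The `// private int h1;` comment beside them sits oddly next to the constructor's `this.h1 = ...` assignment, so either the comment is stale or h1 is declared outside this hunk and the comment should go.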
diff --git a/crypto/src/pqc/crypto/saber/SABERKEMExtractor.cs b/crypto/src/pqc/crypto/saber/SABERKEMExtractor.cs index 7199b9dab..ce0b374f3 100644 --- a/crypto/src/pqc/crypto/saber/SABERKEMExtractor.cs +++ b/crypto/src/pqc/crypto/saber/SABERKEMExtractor.cs @@ -1,24 +1,23 @@ - using Org.BouncyCastle.Crypto; namespace Org.BouncyCastle.Pqc.Crypto.Saber { - public class SaberKemExtractor + public sealed class SaberKemExtractor : IEncapsulatedSecretExtractor { - private SABEREngine engine; + private readonly SaberKeyParameters key; - private SaberKeyParameters key; + private SaberEngine engine; public SaberKemExtractor(SaberKeyParameters privParams) { this.key = privParams; - InitCipher(key.GetParameters()); + InitCipher(key.Parameters); } private void InitCipher(SaberParameters param) { - engine = param.GetEngine(); + engine = param.Engine; } public byte[] ExtractSecret(byte[] encapsulation) @@ -30,4 +29,4 @@ namespace Org.BouncyCastle.Pqc.Crypto.Saber public int EncapsulationLength => engine.GetCipherTextSize(); } -} \ No newline at end of file +} diff --git a/crypto/src/pqc/crypto/saber/SABERKEMGenerator.cs b/crypto/src/pqc/crypto/saber/SABERKEMGenerator.cs index 0919b4dea..f948717b1 100644 --- a/crypto/src/pqc/crypto/saber/SABERKEMGenerator.cs +++ b/crypto/src/pqc/crypto/saber/SABERKEMGenerator.cs @@ -1,13 +1,10 @@ - -using System; using Org.BouncyCastle.Crypto; using Org.BouncyCastle.Pqc.Crypto.Utilities; using Org.BouncyCastle.Security; -using Org.BouncyCastle.Utilities; namespace Org.BouncyCastle.Pqc.Crypto.Saber { - public class SaberKemGenerator + public sealed class SaberKemGenerator : IEncapsulatedSecretGenerator { // the source of randomness 
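Review bot: The SaberKemExtractor constructor still accepts any `SaberKeyParameters`, so a public-key instance (IsPrivate == false) is accepted silently and the mistake only surfaces later inside ExtractSecret, whose body lies outside this hunk; a guard such as `if (!privParams.IsPrivate) throw new ArgumentException("private key required", nameof(privParams));` in the constructor would make the misuse fail at construction time. With `key` now readonly, `engine` could be too if `InitCipher` is folded into the constructor as `this.engine = privParams.Parameters.Engine;`, since the helper performs only that one assignment. Whether ExtractSecret casts to SaberPrivateKeyParameters cannot be confirmed from here.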
@@ -15,18 +12,17 @@ namespace Org.BouncyCastle.Pqc.Crypto.Saber public SaberKemGenerator(SecureRandom random) { - this.sr = random; + this.sr = CryptoServicesRegistrar.GetSecureRandom(random); } public ISecretWithEncapsulation GenerateEncapsulated(AsymmetricKeyParameter recipientKey) { - SaberPublicKeyParameters key = (SaberPublicKeyParameters) recipientKey; - SABEREngine engine = key.GetParameters().GetEngine(); + SaberPublicKeyParameters key = (SaberPublicKeyParameters)recipientKey; + SaberEngine engine = key.Parameters.Engine; byte[] cipher_text = new byte[engine.GetCipherTextSize()]; byte[] sessionKey = new byte[engine.GetSessionKeySize()]; - engine.crypto_kem_enc(cipher_text, sessionKey, key.PublicKey, sr); + engine.crypto_kem_enc(cipher_text, sessionKey, key.GetPublicKey(), sr); return new SecretWithEncapsulationImpl(sessionKey, cipher_text); } - } -} \ No newline at end of file +} diff --git a/crypto/src/pqc/crypto/saber/SABERKeyGenerationParameters.cs b/crypto/src/pqc/crypto/saber/SABERKeyGenerationParameters.cs index 038c191ef..c76ec6234 100644 --- a/crypto/src/pqc/crypto/saber/SABERKeyGenerationParameters.cs +++ b/crypto/src/pqc/crypto/saber/SABERKeyGenerationParameters.cs @@ -1,17 +1,14 @@ - using Org.BouncyCastle.Crypto; using Org.BouncyCastle.Security; namespace Org.BouncyCastle.Pqc.Crypto.Saber { - public class SaberKeyGenerationParameters + public sealed class SaberKeyGenerationParameters : KeyGenerationParameters { private SaberParameters parameters; - public SaberKeyGenerationParameters( - SecureRandom random, - SaberParameters saberParameters) + public SaberKeyGenerationParameters(SecureRandom random, SaberParameters saberParameters) : base(random, 256) { this.parameters = saberParameters; @@ -19,4 +16,4 @@ namespace Org.BouncyCastle.Pqc.Crypto.Saber public SaberParameters Parameters => parameters; } -} \ No newline at end of file +} 
diff --git a/crypto/src/pqc/crypto/saber/SABERKeyPairGenerator.cs b/crypto/src/pqc/crypto/saber/SABERKeyPairGenerator.cs index 73209b18b..1407f74a3 100644 --- a/crypto/src/pqc/crypto/saber/SABERKeyPairGenerator.cs +++ b/crypto/src/pqc/crypto/saber/SABERKeyPairGenerator.cs @@ -1,4 +1,3 @@ - using Org.BouncyCastle.Crypto; using Org.BouncyCastle.Security; @@ -16,7 +15,7 @@ namespace Org.BouncyCastle.Pqc.Crypto.Saber private void Initialize( KeyGenerationParameters param) { - this.saberParams = (SaberKeyGenerationParameters) param; + this.saberParams = (SaberKeyGenerationParameters)param; this.random = param.Random; this.l = this.saberParams.Parameters.L; @@ -24,7 +23,7 @@ namespace Org.BouncyCastle.Pqc.Crypto.Saber private AsymmetricCipherKeyPair GenKeyPair() { - SABEREngine engine = saberParams.Parameters.GetEngine(); + SaberEngine engine = saberParams.Parameters.Engine; byte[] sk = new byte[engine.GetPrivateKeySize()]; byte[] pk = new byte[engine.GetPublicKeySize()]; engine.crypto_kem_keypair(pk, sk, random); @@ -44,4 +43,4 @@ namespace Org.BouncyCastle.Pqc.Crypto.Saber return GenKeyPair(); } } -} \ No newline at end of file +} diff --git a/crypto/src/pqc/crypto/saber/SABERKeyParameters.cs b/crypto/src/pqc/crypto/saber/SABERKeyParameters.cs index e5a9e767e..d83d2e3ea 100644 --- a/crypto/src/pqc/crypto/saber/SABERKeyParameters.cs +++ b/crypto/src/pqc/crypto/saber/SABERKeyParameters.cs 
@@ -1,24 +1,18 @@ - using Org.BouncyCastle.Crypto; namespace Org.BouncyCastle.Pqc.Crypto.Saber { - public class SaberKeyParameters + public abstract class SaberKeyParameters : AsymmetricKeyParameter { - private SaberParameters parameters; + private readonly SaberParameters parameters; - public SaberKeyParameters( - bool isPrivate, - SaberParameters parameters) + public SaberKeyParameters(bool isPrivate, SaberParameters parameters) : base(isPrivate) { this.parameters = parameters; } - public SaberParameters GetParameters() - { - return parameters; - } + public SaberParameters Parameters => parameters; } -} \ No newline at end of file +} diff --git a/crypto/src/pqc/crypto/saber/SABERParameters.cs b/crypto/src/pqc/crypto/saber/SABERParameters.cs index 357430d50..8cc9b468c 100644 --- a/crypto/src/pqc/crypto/saber/SABERParameters.cs +++ b/crypto/src/pqc/crypto/saber/SABERParameters.cs @@ -1,5 +1,3 @@ - -using System; using Org.BouncyCastle.Crypto; namespace Org.BouncyCastle.Pqc.Crypto.Saber @@ -19,17 +17,17 @@ namespace Org.BouncyCastle.Pqc.Crypto.Saber public static SaberParameters saberkem256r3 = new SaberParameters("saberkem256r3", 3, 256); public static SaberParameters firesaberkem256r3 = new SaberParameters("firesaberkem256r3", 4, 256); - private string name; - private int l; - private int defaultKeySize; - private SABEREngine engine; + private readonly string name; + private readonly int l; + private readonly int defaultKeySize; + private readonly SaberEngine engine; - public SaberParameters(string name, int l, int defaultKeySize) + private SaberParameters(string name, int l, int defaultKeySize) { this.name = name; this.l = l; this.defaultKeySize = defaultKeySize; - this.engine = new SABEREngine(l, defaultKeySize); + this.engine = new SaberEngine(l, defaultKeySize); } public string Name => name; 
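Review bot: The parameter-set singletons `public static SaberParameters saberkem256r3 = ...` and `firesaberkem256r3`, shown as context in the SaberParameters hunk, remain plain mutable static fields while the commit makes the instance fields readonly and the constructor private; any caller can still reassign `SaberParameters.saberkem256r3` to another instance or null, which undermines the immutability the private constructor is meant to give. Declaring them `public static readonly SaberParameters ...` closes that. Only two of the parameter sets are visible in the hunk; the ones declared above it presumably follow the same pattern and should get the same treatment.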
@@ -38,9 +36,6 @@ namespace Org.BouncyCastle.Pqc.Crypto.Saber public int DefaultKeySize => defaultKeySize; - internal SABEREngine GetEngine() - { - return engine; - } + internal SaberEngine Engine => engine; } } diff --git a/crypto/src/pqc/crypto/saber/SABERPrivateKeyParameters.cs b/crypto/src/pqc/crypto/saber/SABERPrivateKeyParameters.cs index ec4add8b5..6b708af73 100644 --- a/crypto/src/pqc/crypto/saber/SABERPrivateKeyParameters.cs +++ b/crypto/src/pqc/crypto/saber/SABERPrivateKeyParameters.cs @@ -2,15 +2,10 @@ using Org.BouncyCastle.Utilities; namespace Org.BouncyCastle.Pqc.Crypto.Saber { - public class SaberPrivateKeyParameters + public sealed class SaberPrivateKeyParameters : SaberKeyParameters { - private byte[] privateKey; - - public byte[] GetPrivateKey() - { - return Arrays.Clone(privateKey); - } + private readonly byte[] privateKey; public SaberPrivateKeyParameters(SaberParameters parameters, byte[] privateKey) : base(true, parameters) @@ -22,5 +17,10 @@ namespace Org.BouncyCastle.Pqc.Crypto.Saber { return Arrays.Clone(privateKey); } + + public byte[] GetPrivateKey() + { + return Arrays.Clone(privateKey); + } } -} \ No newline at end of file +} diff --git a/crypto/src/pqc/crypto/saber/SABERPublicKeyParameters.cs b/crypto/src/pqc/crypto/saber/SABERPublicKeyParameters.cs index dcac1ec3c..573ca2661 100644 --- a/crypto/src/pqc/crypto/saber/SABERPublicKeyParameters.cs +++ b/crypto/src/pqc/crypto/saber/SABERPublicKeyParameters.cs 
@@ -2,22 +2,25 @@ using Org.BouncyCastle.Utilities; namespace Org.BouncyCastle.Pqc.Crypto.Saber { - public class SaberPublicKeyParameters + public sealed class SaberPublicKeyParameters : SaberKeyParameters { - public byte[] publicKey; + public readonly byte[] publicKey; - public byte[] PublicKey => Arrays.Clone(publicKey); + public SaberPublicKeyParameters(SaberParameters parameters, byte[] publicKey) + : base(false, parameters) + { + this.publicKey = Arrays.Clone(publicKey); + } public byte[] GetEncoded() { - return PublicKey; + return Arrays.Clone(publicKey); } - public SaberPublicKeyParameters(SaberParameters parameters, byte[] publicKey) - : base(false, parameters) + public byte[] GetPublicKey() { - this.publicKey = Arrays.Clone(publicKey); + return Arrays.Clone(publicKey); } } -} \ No newline at end of file +} diff --git a/crypto/src/pqc/crypto/saber/SaberUtilities.cs b/crypto/src/pqc/crypto/saber/SaberUtilities.cs new file mode 100644 index 000000000..d25eb8d2d --- /dev/null +++ b/crypto/src/pqc/crypto/saber/SaberUtilities.cs 
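Review bot: `public readonly byte[] publicKey;` in SaberPublicKeyParameters still exposes the key array itself: readonly only pins the reference, so any caller can write into `publicKey[i]` and alter the key that GetEncoded() and GetPublicKey() later clone, bypassing the defensive copies this commit adds. Changing it to `private readonly byte[] publicKey;` is sufficient since both accessors already return clones; if another file in the diffstat (SubjectPublicKeyInfoFactory.cs is a candidate, but it is not shown here) reads the field directly, it should switch to GetPublicKey().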
@@ -0,0 +1,273 @@ +namespace Org.BouncyCastle.Pqc.Crypto.Saber +{ + internal class SaberUtilities + { + private readonly int SABER_N; + private readonly int SABER_L; + private readonly int SABER_ET; + private readonly int SABER_POLYBYTES; + private readonly int SABER_EP; + private readonly int SABER_KEYBYTES; + + internal SaberUtilities(SaberEngine engine) + { + this.SABER_N = engine.N; + this.SABER_L = engine.L; + this.SABER_ET = engine.ET; + this.SABER_POLYBYTES = engine.PolyBytes; + this.SABER_EP = engine.EP; + this.SABER_KEYBYTES = engine.KeyBytes; + } + + public void POLT2BS(byte[] bytes, int byteIndex, short[] data) + { + short j, offset_byte, offset_data; + if (SABER_ET == 3) + { + for (j = 0; j < SABER_N / 8; j++) + { + offset_byte = (short) (3 * j); + offset_data = (short) (8 * j); + bytes[byteIndex + offset_byte + 0] = (byte) ((data[offset_data + 0] & 0x7) | + ((data[offset_data + 1] & 0x7) << 3) | + ((data[offset_data + 2] & 0x3) << 6)); + bytes[byteIndex + offset_byte + 1] = (byte) (((data[offset_data + 2] >> 2) & 0x01) | + ((data[offset_data + 3] & 0x7) << 1) | + ((data[offset_data + 4] & 0x7) << 4) | + (((data[offset_data + 5]) & 0x01) << 7)); + bytes[byteIndex + offset_byte + 2] = (byte) (((data[offset_data + 5] >> 1) & 0x03) | + ((data[offset_data + 6] & 0x7) << 2) | + ((data[offset_data + 7] & 0x7) << 5)); + } + } + else if (SABER_ET == 4) + { + for (j = 0; j < SABER_N / 2; j++) + { + offset_byte = j; + offset_data = (short) (2 * j); + bytes[byteIndex + offset_byte] = + (byte) ((data[offset_data] & 0x0f) | ((data[offset_data + 1] & 0x0f) << 4)); + } + } + else if (SABER_ET == 6) + { + for (j = 0; j < SABER_N / 4; j++) + { + offset_byte = (short) (3 * j); + offset_data = (short) (4 * j); + bytes[byteIndex + offset_byte + 0] = + (byte) ((data[offset_data + 0] & 0x3f) | ((data[offset_data + 1] & 0x03) << 6)); + bytes[byteIndex + offset_byte + 1] = (byte) (((data[offset_data + 1] >> 2) & 0x0f) | + ((data[offset_data + 2] & 0x0f) << 4)); + 
bytes[byteIndex + offset_byte + 2] = (byte) (((data[offset_data + 2] >> 4) & 0x03) | + ((data[offset_data + 3] & 0x3f) << 2)); + } + } + } + + public void BS2POLT(byte[] bytes, int byteIndex, short[] data) + { + short j, offset_byte, offset_data; + if (SABER_ET == 3) + { + for (j = 0; j < SABER_N / 8; j++) + { + offset_byte = (short) (3 * j); + offset_data = (short) (8 * j); + data[offset_data + 0] = (short) ((bytes[byteIndex + offset_byte + 0]) & 0x07); + data[offset_data + 1] = (short) (((bytes[byteIndex + offset_byte + 0]) >> 3) & 0x07); + data[offset_data + 2] = (short) ((((bytes[byteIndex + offset_byte + 0]) >> 6) & 0x03) | + (((bytes[byteIndex + offset_byte + 1]) & 0x01) << 2)); + data[offset_data + 3] = (short) (((bytes[byteIndex + offset_byte + 1]) >> 1) & 0x07); + data[offset_data + 4] = (short) (((bytes[byteIndex + offset_byte + 1]) >> 4) & 0x07); + data[offset_data + 5] = (short) ((((bytes[byteIndex + offset_byte + 1]) >> 7) & 0x01) | + (((bytes[byteIndex + offset_byte + 2]) & 0x03) << 1)); + data[offset_data + 6] = (short) ((bytes[byteIndex + offset_byte + 2] >> 2) & 0x07); + data[offset_data + 7] = (short) ((bytes[byteIndex + offset_byte + 2] >> 5) & 0x07); + } + } + else if (SABER_ET == 4) + { + for (j = 0; j < SABER_N / 2; j++) + { + offset_byte = j; + offset_data = (short) (2 * j); + data[offset_data] = (short) (bytes[byteIndex + offset_byte] & 0x0f); + data[offset_data + 1] = (short) ((bytes[byteIndex + offset_byte] >> 4) & 0x0f); + } + } + else if (SABER_ET == 6) + { + for (j = 0; j < SABER_N / 4; j++) + { + offset_byte = (short) (3 * j); + offset_data = (short) (4 * j); + data[offset_data + 0] = (short) (bytes[byteIndex + offset_byte + 0] & 0x3f); + data[offset_data + 1] = (short) (((bytes[byteIndex + offset_byte + 0] >> 6) & 0x03) | + ((bytes[byteIndex + offset_byte + 1] & 0x0f) << 2)); + data[offset_data + 2] = (short) (((bytes[byteIndex + offset_byte + 1] & 0xff) >> 4) | + ((bytes[byteIndex + offset_byte + 2] & 0x03) << 4)); + data[offset_data 
+ 3] = (short) ((bytes[byteIndex + offset_byte + 2] & 0xff) >> 2); + } + } + + } + + private void POLq2BS(byte[] bytes, int byteIndex, short[] data) + { + short j, offset_byte, offset_data; + for (j = 0; j < SABER_N / 8; j++) + { + offset_byte = (short) (13 * j); + offset_data = (short) (8 * j); + bytes[byteIndex + offset_byte + 0] = (byte) (data[offset_data + 0] & (0xff)); + bytes[byteIndex + offset_byte + 1] = + (byte) (((data[offset_data + 0] >> 8) & 0x1f) | ((data[offset_data + 1] & 0x07) << 5)); + bytes[byteIndex + offset_byte + 2] = (byte) ((data[offset_data + 1] >> 3) & 0xff); + bytes[byteIndex + offset_byte + 3] = + (byte) (((data[offset_data + 1] >> 11) & 0x03) | ((data[offset_data + 2] & 0x3f) << 2)); + bytes[byteIndex + offset_byte + 4] = + (byte) (((data[offset_data + 2] >> 6) & 0x7f) | ((data[offset_data + 3] & 0x01) << 7)); + bytes[byteIndex + offset_byte + 5] = (byte) ((data[offset_data + 3] >> 1) & 0xff); + bytes[byteIndex + offset_byte + 6] = + (byte) (((data[offset_data + 3] >> 9) & 0x0f) | ((data[offset_data + 4] & 0x0f) << 4)); + bytes[byteIndex + offset_byte + 7] = (byte) ((data[offset_data + 4] >> 4) & 0xff); + bytes[byteIndex + offset_byte + 8] = + (byte) (((data[offset_data + 4] >> 12) & 0x01) | ((data[offset_data + 5] & 0x7f) << 1)); + bytes[byteIndex + offset_byte + 9] = + (byte) (((data[offset_data + 5] >> 7) & 0x3f) | ((data[offset_data + 6] & 0x03) << 6)); + bytes[byteIndex + offset_byte + 10] = (byte) ((data[offset_data + 6] >> 2) & 0xff); + bytes[byteIndex + offset_byte + 11] = + (byte) (((data[offset_data + 6] >> 10) & 0x07) | ((data[offset_data + 7] & 0x1f) << 3)); + bytes[byteIndex + offset_byte + 12] = (byte) ((data[offset_data + 7] >> 5) & 0xff); + } + } + + private void BS2POLq(byte[] bytes, int byteIndex, short[] data) + { + short j, offset_byte, offset_data; + for (j = 0; j < SABER_N / 8; j++) + { + offset_byte = (short) (13 * j); + offset_data = (short) (8 * j); + data[offset_data + 0] = (short) ((bytes[byteIndex + 
offset_byte + 0] & (0xff)) | + ((bytes[byteIndex + offset_byte + 1] & 0x1f) << 8)); + data[offset_data + 1] = (short) ((bytes[byteIndex + offset_byte + 1] >> 5 & (0x07)) | + ((bytes[byteIndex + offset_byte + 2] & 0xff) << 3) | + ((bytes[byteIndex + offset_byte + 3] & 0x03) << 11)); + data[offset_data + 2] = (short) ((bytes[byteIndex + offset_byte + 3] >> 2 & (0x3f)) | + ((bytes[byteIndex + offset_byte + 4] & 0x7f) << 6)); + data[offset_data + 3] = (short) ((bytes[byteIndex + offset_byte + 4] >> 7 & (0x01)) | + ((bytes[byteIndex + offset_byte + 5] & 0xff) << 1) | + ((bytes[byteIndex + offset_byte + 6] & 0x0f) << 9)); + data[offset_data + 4] = (short) ((bytes[byteIndex + offset_byte + 6] >> 4 & (0x0f)) | + ((bytes[byteIndex + offset_byte + 7] & 0xff) << 4) | + ((bytes[byteIndex + offset_byte + 8] & 0x01) << 12)); + data[offset_data + 5] = (short) ((bytes[byteIndex + offset_byte + 8] >> 1 & (0x7f)) | + ((bytes[byteIndex + offset_byte + 9] & 0x3f) << 7)); + data[offset_data + 6] = (short) ((bytes[byteIndex + offset_byte + 9] >> 6 & (0x03)) | + ((bytes[byteIndex + offset_byte + 10] & 0xff) << 2) | + ((bytes[byteIndex + offset_byte + 11] & 0x07) << 10)); + data[offset_data + 7] = (short) ((bytes[byteIndex + offset_byte + 11] >> 3 & (0x1f)) | + ((bytes[byteIndex + offset_byte + 12] & 0xff) << 5)); + } + } + + private void POLp2BS(byte[] bytes, int byteIndex, short[] data) + { + short j, offset_byte, offset_data; + for (j = 0; j < SABER_N / 4; j++) + { + offset_byte = (short) (5 * j); + offset_data = (short) (4 * j); + bytes[byteIndex + offset_byte + 0] = (byte) (data[offset_data + 0] & (0xff)); + bytes[byteIndex + offset_byte + 1] = + (byte) (((data[offset_data + 0] >> 8) & 0x03) | ((data[offset_data + 1] & 0x3f) << 2)); + bytes[byteIndex + offset_byte + 2] = + (byte) (((data[offset_data + 1] >> 6) & 0x0f) | ((data[offset_data + 2] & 0x0f) << 4)); + bytes[byteIndex + offset_byte + 3] = + (byte) (((data[offset_data + 2] >> 4) & 0x3f) | ((data[offset_data + 3] & 0x03) << 
6)); + bytes[byteIndex + offset_byte + 4] = (byte) ((data[offset_data + 3] >> 2) & 0xff); + } + } + + public void BS2POLp(byte[] bytes, int byteIndex, short[] data) + { + short j, offset_byte, offset_data; + for (j = 0; j < SABER_N / 4; j++) + { + offset_byte = (short) (5 * j); + offset_data = (short) (4 * j); + data[offset_data + 0] = (short) ((bytes[byteIndex + offset_byte + 0] & (0xff)) | + ((bytes[byteIndex + offset_byte + 1] & 0x03) << 8)); + data[offset_data + 1] = (short) (((bytes[byteIndex + offset_byte + 1] >> 2) & (0x3f)) | + ((bytes[byteIndex + offset_byte + 2] & 0x0f) << 6)); + data[offset_data + 2] = (short) (((bytes[byteIndex + offset_byte + 2] >> 4) & (0x0f)) | + ((bytes[byteIndex + offset_byte + 3] & 0x3f) << 4)); + data[offset_data + 3] = (short) (((bytes[byteIndex + offset_byte + 3] >> 6) & (0x03)) | + ((bytes[byteIndex + offset_byte + 4] & 0xff) << 2)); + } + } + + public void POLVECq2BS(byte[] bytes, short[][] data) + { + byte i; + for (i = 0; i < SABER_L; i++) + { + POLq2BS(bytes, i * SABER_POLYBYTES, data[i]); + } + } + + public void BS2POLVECq(byte[] bytes, int byteIndex, short[][] data) + { + byte i; + for (i = 0; i < SABER_L; i++) + { + BS2POLq(bytes, byteIndex + i * SABER_POLYBYTES, data[i]); + } + } + + public void POLVECp2BS(byte[] bytes, short[][] data) + { + byte i; + for (i = 0; i < SABER_L; i++) + { + POLp2BS(bytes, i * (SABER_EP * SABER_N / 8), data[i]); + } + } + + public void BS2POLVECp(byte[] bytes, short[][] data) + { + byte i; + for (i = 0; i < SABER_L; i++) + { + BS2POLp(bytes, i * (SABER_EP * SABER_N / 8), data[i]); + } + } + + public void BS2POLmsg(byte[] bytes, short[] data) + { + byte i, j; + for (j = 0; j < SABER_KEYBYTES; j++) + { + for (i = 0; i < 8; i++) + { + data[j * 8 + i] = (short) ((bytes[j] >> i) & 0x01); + } + } + } + + public void POLmsg2BS(byte[] bytes, short[] data) + { + byte i, j; + for (j = 0; j < SABER_KEYBYTES; j++) + { + for (i = 0; i < 8; i++) + { + bytes[j] = (byte) (bytes[j] | ((data[j * 8 + i] & 
0x01) << i)); + } + } + } + } +} diff --git a/crypto/src/pqc/crypto/saber/Utils.cs b/crypto/src/pqc/crypto/saber/Utils.cs deleted file mode 100644 index ff74ef1cb..000000000 --- a/crypto/src/pqc/crypto/saber/Utils.cs +++ /dev/null 
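Review bot: POLmsg2BS ORs each message bit into `bytes[j]` without clearing the byte first, so it only yields the correct encoding when the caller supplies a zeroed buffer, whereas every other packer in SaberUtilities assigns its output bytes outright. Either add `bytes[j] = 0;` before the inner loop or state the precondition in a comment such as `// Precondition: bytes[0..SABER_KEYBYTES) must be zero on entry; bits are OR-ed in.` The loop counters in the POLVEC*/msg helpers are declared `byte`, which is fine for the current bounds (SABER_L at most 4, SABER_KEYBYTES = 32) but would wrap silently if a parameter set ever exceeded 255; `int` costs nothing here. Both points are carried over from the deleted Utils.cs rather than introduced by this commit.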
@@ -1,274 +0,0 @@ -namespace Org.BouncyCastle.Pqc.Crypto.Saber -{ - internal class Utils - { - - private int SABER_N; - private int SABER_L; - private int SABER_ET; - private int SABER_POLYBYTES; - private int SABER_EP; - private int SABER_KEYBYTES; - - internal Utils(SABEREngine engine) - { - this.SABER_N = engine.getSABER_N(); - this.SABER_L = engine.getSABER_L(); - this.SABER_ET = engine.getSABER_ET(); - this.SABER_POLYBYTES = engine.getSABER_POLYBYTES(); - this.SABER_EP = engine.getSABER_EP(); - this.SABER_KEYBYTES = engine.getSABER_KEYBYTES(); - } - - public void POLT2BS(byte[] bytes, int byteIndex, short[] data) - { - short j, offset_byte, offset_data; - if (SABER_ET == 3) - { - for (j = 0; j < SABER_N / 8; j++) - { - offset_byte = (short) (3 * j); - offset_data = (short) (8 * j); - bytes[byteIndex + offset_byte + 0] = (byte) ((data[offset_data + 0] & 0x7) | - ((data[offset_data + 1] & 0x7) << 3) | - ((data[offset_data + 2] & 0x3) << 6)); - bytes[byteIndex + offset_byte + 1] = (byte) (((data[offset_data + 2] >> 2) & 0x01) | - ((data[offset_data + 3] & 0x7) << 1) | - ((data[offset_data + 4] & 0x7) << 4) | - (((data[offset_data + 5]) & 0x01) << 7)); - bytes[byteIndex + offset_byte + 2] = (byte) (((data[offset_data + 5] >> 1) & 0x03) | - ((data[offset_data + 6] & 0x7) << 2) | - ((data[offset_data + 7] & 0x7) << 5)); - } - } - else if (SABER_ET == 4) - { - for (j = 0; j < SABER_N / 2; j++) - { - offset_byte = j; - offset_data = (short) (2 * j); - bytes[byteIndex + offset_byte] = - (byte) ((data[offset_data] & 0x0f) | ((data[offset_data + 1] & 0x0f) << 4)); - } - } - else if (SABER_ET == 6) - { - for (j = 0; j < SABER_N / 4; j++) - { - offset_byte = (short) (3 * j); - offset_data = (short) (4 * j); - bytes[byteIndex + offset_byte + 0] = - (byte) ((data[offset_data + 0] & 0x3f) | ((data[offset_data + 1] & 0x03) << 6)); - bytes[byteIndex + offset_byte + 1] = (byte) (((data[offset_data + 1] >> 2) & 0x0f) | - ((data[offset_data + 2] & 0x0f) << 4)); - bytes[byteIndex + 
offset_byte + 2] = (byte) (((data[offset_data + 2] >> 4) & 0x03) | - ((data[offset_data + 3] & 0x3f) << 2)); - } - } - } - - public void BS2POLT(byte[] bytes, int byteIndex, short[] data) - { - short j, offset_byte, offset_data; - if (SABER_ET == 3) - { - for (j = 0; j < SABER_N / 8; j++) - { - offset_byte = (short) (3 * j); - offset_data = (short) (8 * j); - data[offset_data + 0] = (short) ((bytes[byteIndex + offset_byte + 0]) & 0x07); - data[offset_data + 1] = (short) (((bytes[byteIndex + offset_byte + 0]) >> 3) & 0x07); - data[offset_data + 2] = (short) ((((bytes[byteIndex + offset_byte + 0]) >> 6) & 0x03) | - (((bytes[byteIndex + offset_byte + 1]) & 0x01) << 2)); - data[offset_data + 3] = (short) (((bytes[byteIndex + offset_byte + 1]) >> 1) & 0x07); - data[offset_data + 4] = (short) (((bytes[byteIndex + offset_byte + 1]) >> 4) & 0x07); - data[offset_data + 5] = (short) ((((bytes[byteIndex + offset_byte + 1]) >> 7) & 0x01) | - (((bytes[byteIndex + offset_byte + 2]) & 0x03) << 1)); - data[offset_data + 6] = (short) ((bytes[byteIndex + offset_byte + 2] >> 2) & 0x07); - data[offset_data + 7] = (short) ((bytes[byteIndex + offset_byte + 2] >> 5) & 0x07); - } - } - else if (SABER_ET == 4) - { - for (j = 0; j < SABER_N / 2; j++) - { - offset_byte = j; - offset_data = (short) (2 * j); - data[offset_data] = (short) (bytes[byteIndex + offset_byte] & 0x0f); - data[offset_data + 1] = (short) ((bytes[byteIndex + offset_byte] >> 4) & 0x0f); - } - } - else if (SABER_ET == 6) - { - for (j = 0; j < SABER_N / 4; j++) - { - offset_byte = (short) (3 * j); - offset_data = (short) (4 * j); - data[offset_data + 0] = (short) (bytes[byteIndex + offset_byte + 0] & 0x3f); - data[offset_data + 1] = (short) (((bytes[byteIndex + offset_byte + 0] >> 6) & 0x03) | - ((bytes[byteIndex + offset_byte + 1] & 0x0f) << 2)); - data[offset_data + 2] = (short) (((bytes[byteIndex + offset_byte + 1] & 0xff) >> 4) | - ((bytes[byteIndex + offset_byte + 2] & 0x03) << 4)); - data[offset_data + 3] = (short) 
((bytes[byteIndex + offset_byte + 2] & 0xff) >> 2); - } - } - - } - - private void POLq2BS(byte[] bytes, int byteIndex, short[] data) - { - short j, offset_byte, offset_data; - for (j = 0; j < SABER_N / 8; j++) - { - offset_byte = (short) (13 * j); - offset_data = (short) (8 * j); - bytes[byteIndex + offset_byte + 0] = (byte) (data[offset_data + 0] & (0xff)); - bytes[byteIndex + offset_byte + 1] = - (byte) (((data[offset_data + 0] >> 8) & 0x1f) | ((data[offset_data + 1] & 0x07) << 5)); - bytes[byteIndex + offset_byte + 2] = (byte) ((data[offset_data + 1] >> 3) & 0xff); - bytes[byteIndex + offset_byte + 3] = - (byte) (((data[offset_data + 1] >> 11) & 0x03) | ((data[offset_data + 2] & 0x3f) << 2)); - bytes[byteIndex + offset_byte + 4] = - (byte) (((data[offset_data + 2] >> 6) & 0x7f) | ((data[offset_data + 3] & 0x01) << 7)); - bytes[byteIndex + offset_byte + 5] = (byte) ((data[offset_data + 3] >> 1) & 0xff); - bytes[byteIndex + offset_byte + 6] = - (byte) (((data[offset_data + 3] >> 9) & 0x0f) | ((data[offset_data + 4] & 0x0f) << 4)); - bytes[byteIndex + offset_byte + 7] = (byte) ((data[offset_data + 4] >> 4) & 0xff); - bytes[byteIndex + offset_byte + 8] = - (byte) (((data[offset_data + 4] >> 12) & 0x01) | ((data[offset_data + 5] & 0x7f) << 1)); - bytes[byteIndex + offset_byte + 9] = - (byte) (((data[offset_data + 5] >> 7) & 0x3f) | ((data[offset_data + 6] & 0x03) << 6)); - bytes[byteIndex + offset_byte + 10] = (byte) ((data[offset_data + 6] >> 2) & 0xff); - bytes[byteIndex + offset_byte + 11] = - (byte) (((data[offset_data + 6] >> 10) & 0x07) | ((data[offset_data + 7] & 0x1f) << 3)); - bytes[byteIndex + offset_byte + 12] = (byte) ((data[offset_data + 7] >> 5) & 0xff); - } - } - - private void BS2POLq(byte[] bytes, int byteIndex, short[] data) - { - short j, offset_byte, offset_data; - for (j = 0; j < SABER_N / 8; j++) - { - offset_byte = (short) (13 * j); - offset_data = (short) (8 * j); - data[offset_data + 0] = (short) ((bytes[byteIndex + offset_byte + 0] & 
(0xff)) | - ((bytes[byteIndex + offset_byte + 1] & 0x1f) << 8)); - data[offset_data + 1] = (short) ((bytes[byteIndex + offset_byte + 1] >> 5 & (0x07)) | - ((bytes[byteIndex + offset_byte + 2] & 0xff) << 3) | - ((bytes[byteIndex + offset_byte + 3] & 0x03) << 11)); - data[offset_data + 2] = (short) ((bytes[byteIndex + offset_byte + 3] >> 2 & (0x3f)) | - ((bytes[byteIndex + offset_byte + 4] & 0x7f) << 6)); - data[offset_data + 3] = (short) ((bytes[byteIndex + offset_byte + 4] >> 7 & (0x01)) | - ((bytes[byteIndex + offset_byte + 5] & 0xff) << 1) | - ((bytes[byteIndex + offset_byte + 6] & 0x0f) << 9)); - data[offset_data + 4] = (short) ((bytes[byteIndex + offset_byte + 6] >> 4 & (0x0f)) | - ((bytes[byteIndex + offset_byte + 7] & 0xff) << 4) | - ((bytes[byteIndex + offset_byte + 8] & 0x01) << 12)); - data[offset_data + 5] = (short) ((bytes[byteIndex + offset_byte + 8] >> 1 & (0x7f)) | - ((bytes[byteIndex + offset_byte + 9] & 0x3f) << 7)); - data[offset_data + 6] = (short) ((bytes[byteIndex + offset_byte + 9] >> 6 & (0x03)) | - ((bytes[byteIndex + offset_byte + 10] & 0xff) << 2) | - ((bytes[byteIndex + offset_byte + 11] & 0x07) << 10)); - data[offset_data + 7] = (short) ((bytes[byteIndex + offset_byte + 11] >> 3 & (0x1f)) | - ((bytes[byteIndex + offset_byte + 12] & 0xff) << 5)); - } - } - - private void POLp2BS(byte[] bytes, int byteIndex, short[] data) - { - short j, offset_byte, offset_data; - for (j = 0; j < SABER_N / 4; j++) - { - offset_byte = (short) (5 * j); - offset_data = (short) (4 * j); - bytes[byteIndex + offset_byte + 0] = (byte) (data[offset_data + 0] & (0xff)); - bytes[byteIndex + offset_byte + 1] = - (byte) (((data[offset_data + 0] >> 8) & 0x03) | ((data[offset_data + 1] & 0x3f) << 2)); - bytes[byteIndex + offset_byte + 2] = - (byte) (((data[offset_data + 1] >> 6) & 0x0f) | ((data[offset_data + 2] & 0x0f) << 4)); - bytes[byteIndex + offset_byte + 3] = - (byte) (((data[offset_data + 2] >> 4) & 0x3f) | ((data[offset_data + 3] & 0x03) << 6)); - 
bytes[byteIndex + offset_byte + 4] = (byte) ((data[offset_data + 3] >> 2) & 0xff); - } - } - - public void BS2POLp(byte[] bytes, int byteIndex, short[] data) - { - short j, offset_byte, offset_data; - for (j = 0; j < SABER_N / 4; j++) - { - offset_byte = (short) (5 * j); - offset_data = (short) (4 * j); - data[offset_data + 0] = (short) ((bytes[byteIndex + offset_byte + 0] & (0xff)) | - ((bytes[byteIndex + offset_byte + 1] & 0x03) << 8)); - data[offset_data + 1] = (short) (((bytes[byteIndex + offset_byte + 1] >> 2) & (0x3f)) | - ((bytes[byteIndex + offset_byte + 2] & 0x0f) << 6)); - data[offset_data + 2] = (short) (((bytes[byteIndex + offset_byte + 2] >> 4) & (0x0f)) | - ((bytes[byteIndex + offset_byte + 3] & 0x3f) << 4)); - data[offset_data + 3] = (short) (((bytes[byteIndex + offset_byte + 3] >> 6) & (0x03)) | - ((bytes[byteIndex + offset_byte + 4] & 0xff) << 2)); - } - } - - public void POLVECq2BS(byte[] bytes, short[][] data) - { - byte i; - for (i = 0; i < SABER_L; i++) - { - POLq2BS(bytes, i * SABER_POLYBYTES, data[i]); - } - } - - public void BS2POLVECq(byte[] bytes, int byteIndex, short[][] data) - { - byte i; - for (i = 0; i < SABER_L; i++) - { - BS2POLq(bytes, byteIndex + i * SABER_POLYBYTES, data[i]); - } - } - - public void POLVECp2BS(byte[] bytes, short[][] data) - { - byte i; - for (i = 0; i < SABER_L; i++) - { - POLp2BS(bytes, i * (SABER_EP * SABER_N / 8), data[i]); - } - } - - public void BS2POLVECp(byte[] bytes, short[][] data) - { - byte i; - for (i = 0; i < SABER_L; i++) - { - BS2POLp(bytes, i * (SABER_EP * SABER_N / 8), data[i]); - } - } - - public void BS2POLmsg(byte[] bytes, short[] data) - { - byte i, j; - for (j = 0; j < SABER_KEYBYTES; j++) - { - for (i = 0; i < 8; i++) - { - data[j * 8 + i] = (short) ((bytes[j] >> i) & 0x01); - } - } - } - - public void POLmsg2BS(byte[] bytes, short[] data) - { - byte i, j; - for (j = 0; j < SABER_KEYBYTES; j++) - { - for (i = 0; i < 8; i++) - { - bytes[j] = (byte) (bytes[j] | ((data[j * 8 + i] & 0x01) << 
i)); - } - } - } - } -} \ No newline at end of file diff --git a/crypto/src/pqc/crypto/utils/PrivateKeyInfoFactory.cs b/crypto/src/pqc/crypto/utils/PrivateKeyInfoFactory.cs index be2807b19..5e09beccc 100644 --- a/crypto/src/pqc/crypto/utils/PrivateKeyInfoFactory.cs +++ b/crypto/src/pqc/crypto/utils/PrivateKeyInfoFactory.cs @@ -85,7 +85,8 @@ namespace Org.BouncyCastle.Pqc.Crypto.Utilities byte[] encoding = parameters.GetEncoded(); - AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PqcUtilities.SaberOidLookup(parameters.GetParameters())); + AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier( + PqcUtilities.SaberOidLookup(parameters.Parameters)); return new PrivateKeyInfo(algorithmIdentifier, new DerOctetString(encoding), attributes); } @@ -95,7 +96,8 @@ namespace Org.BouncyCastle.Pqc.Crypto.Utilities byte[] encoding = parameters.GetEncoded(); - AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PqcUtilities.PicnicOidLookup(parameters.Parameters)); + AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier( + PqcUtilities.PicnicOidLookup(parameters.Parameters)); return new PrivateKeyInfo(algorithmIdentifier, new DerOctetString(encoding), attributes); } if (privateKey is SIKEPrivateKeyParameters) @@ -104,7 +106,8 @@ namespace Org.BouncyCastle.Pqc.Crypto.Utilities byte[] encoding = parameters.GetEncoded(); - AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PqcUtilities.SikeOidLookup(parameters.GetParameters())); + AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier( + PqcUtilities.SikeOidLookup(parameters.GetParameters())); return new PrivateKeyInfo(algorithmIdentifier, new DerOctetString(encoding), attributes); } if (privateKey is FalconPrivateKeyParameters) 
@@ -118,7 +121,8 @@ namespace Org.BouncyCastle.Pqc.Crypto.Utilities v.Add(new DerOctetString(parameters.GetG())); v.Add(new DerOctetString(parameters.GetSpolyF())); - AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PqcUtilities.FalconOidLookup(parameters.Parameters)); + AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier( + PqcUtilities.FalconOidLookup(parameters.Parameters)); return new PrivateKeyInfo(algorithmIdentifier, new DerSequence(v), attributes, parameters.GetPublicKey()); } @@ -133,7 +137,8 @@ namespace Org.BouncyCastle.Pqc.Crypto.Utilities v.Add(new DerOctetString(parameters.Hpk)); v.Add(new DerOctetString(parameters.Nonce)); - AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PqcUtilities.KyberOidLookup(parameters.Parameters)); + AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier( + PqcUtilities.KyberOidLookup(parameters.Parameters)); Asn1EncodableVector vPub = new Asn1EncodableVector(); vPub.Add(new DerOctetString(parameters.T)); @@ -155,13 +160,15 @@ namespace Org.BouncyCastle.Pqc.Crypto.Utilities v.Add(new DerBitString(parameters.S2)); v.Add(new DerBitString(parameters.T0)); - AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PqcUtilities.DilithiumOidLookup(parameters.Parameters)); + AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier( + PqcUtilities.DilithiumOidLookup(parameters.Parameters)); Asn1EncodableVector vPub = new Asn1EncodableVector(); vPub.Add(new DerOctetString(parameters.Rho)); vPub.Add(new DerOctetString(parameters.T1)); - return new PrivateKeyInfo(algorithmIdentifier, new DerSequence(v), attributes, new DerSequence(vPub).GetEncoded()); + return new PrivateKeyInfo(algorithmIdentifier, new DerSequence(v), attributes, + new DerSequence(vPub).GetEncoded()); } if (privateKey is BikePrivateKeyParameters bikePrivateKeyParameters) { 
@@ -182,4 +189,4 @@ namespace Org.BouncyCastle.Pqc.Crypto.Utilities throw new ArgumentException("Class provided is not convertible: " + Platform.GetTypeName(privateKey)); } } -} \ No newline at end of file +} diff --git a/crypto/src/pqc/crypto/utils/SubjectPublicKeyInfoFactory.cs b/crypto/src/pqc/crypto/utils/SubjectPublicKeyInfoFactory.cs index e44a91a26..4c527d283 100644 --- a/crypto/src/pqc/crypto/utils/SubjectPublicKeyInfoFactory.cs +++ b/crypto/src/pqc/crypto/utils/SubjectPublicKeyInfoFactory.cs @@ -71,7 +71,8 @@ namespace Org.BouncyCastle.Pqc.Crypto.Utilities byte[] encoding = key.GetEncoded(); - AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PqcUtilities.McElieceOidLookup(key.Parameters)); + AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier( + PqcUtilities.McElieceOidLookup(key.Parameters)); // https://datatracker.ietf.org/doc/draft-uni-qsckeys/ return new SubjectPublicKeyInfo(algorithmIdentifier, new CmcePublicKey(encoding)); @@ -82,7 +83,8 @@ namespace Org.BouncyCastle.Pqc.Crypto.Utilities byte[] encoding = parameters.GetEncoded(); - AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PqcUtilities.SaberOidLookup(parameters.GetParameters())); + AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier( + PqcUtilities.SaberOidLookup(parameters.Parameters)); // https://datatracker.ietf.org/doc/draft-uni-qsckeys/ return new SubjectPublicKeyInfo(algorithmIdentifier, new DerSequence(new DerOctetString(encoding))); @@ -93,7 +95,8 @@ namespace Org.BouncyCastle.Pqc.Crypto.Utilities byte[] encoding = parameters.GetEncoded(); - AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PqcUtilities.PicnicOidLookup(parameters.Parameters)); + AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier( + PqcUtilities.PicnicOidLookup(parameters.Parameters)); return new SubjectPublicKeyInfo(algorithmIdentifier, new DerOctetString(encoding)); } if (publicKey is SIKEPublicKeyParameters) 
@@ -102,7 +105,8 @@ namespace Org.BouncyCastle.Pqc.Crypto.Utilities byte[] encoding = parameters.GetEncoded(); - AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PqcUtilities.SikeOidLookup(parameters.GetParameters())); + AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier( + PqcUtilities.SikeOidLookup(parameters.GetParameters())); return new SubjectPublicKeyInfo(algorithmIdentifier, new DerOctetString(encoding)); } if (publicKey is FalconPublicKeyParameters) @@ -110,7 +114,8 @@ namespace Org.BouncyCastle.Pqc.Crypto.Utilities FalconPublicKeyParameters parameters = (FalconPublicKeyParameters)publicKey; byte[] encoding = parameters.GetEncoded(); - AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PqcUtilities.FalconOidLookup(parameters.Parameters)); + AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier( + PqcUtilities.FalconOidLookup(parameters.Parameters)); return new SubjectPublicKeyInfo(algorithmIdentifier, new DerSequence(new DerOctetString(encoding))); } @@ -118,7 +123,8 @@ namespace Org.BouncyCastle.Pqc.Crypto.Utilities { KyberPublicKeyParameters parameters = (KyberPublicKeyParameters)publicKey; - AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PqcUtilities.KyberOidLookup(parameters.Parameters)); + AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier( + PqcUtilities.KyberOidLookup(parameters.Parameters)); Asn1EncodableVector v = new Asn1EncodableVector(); v.Add(new DerOctetString(parameters.T)); v.Add(new DerOctetString(parameters.Rho)); 
@@ -128,9 +134,11 @@ namespace Org.BouncyCastle.Pqc.Crypto.Utilities { DilithiumPublicKeyParameters parameters = (DilithiumPublicKeyParameters)publicKey; - AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PqcUtilities.DilithiumOidLookup(parameters.Parameters)); + AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier( + PqcUtilities.DilithiumOidLookup(parameters.Parameters)); - return new SubjectPublicKeyInfo(algorithmIdentifier, new DerOctetString(Arrays.Concatenate(parameters.Rho, parameters.T1))); + return new SubjectPublicKeyInfo(algorithmIdentifier, + new DerOctetString(Arrays.Concatenate(parameters.Rho, parameters.T1))); } if (publicKey is BikePublicKeyParameters bikePublicKeyParameters) { diff --git a/crypto/test/src/pqc/crypto/test/SaberVectorTest.cs b/crypto/test/src/pqc/crypto/test/SaberVectorTest.cs index 5da8828cc..45a14d965 100644 --- a/crypto/test/src/pqc/crypto/test/SaberVectorTest.cs +++ b/crypto/test/src/pqc/crypto/test/SaberVectorTest.cs @@ -88,7 +88,7 @@ namespace Org.BouncyCastle.Pqc.Crypto.Tests SaberPrivateKeyParameters privParams = (SaberPrivateKeyParameters)PrivateKeyFactory.CreateKey( PrivateKeyInfoFactory.CreatePrivateKeyInfo((SaberPrivateKeyParameters)kp.Private)); - Assert.True(Arrays.AreEqual(pk, pubParams.PublicKey), name + " " + count + ": public key"); + Assert.True(Arrays.AreEqual(pk, pubParams.GetPublicKey()), name + " " + count + ": public key"); Assert.True(Arrays.AreEqual(sk, privParams.GetPrivateKey()), name + " " + count + ": secret key"); // KEM Enc -- cgit 1.4.1