From d5203458eca8e5ff5463b5d92f0d4e85b884731a Mon Sep 17 00:00:00 2001 From: Peter Dettman Date: Thu, 12 Jan 2023 18:04:43 +0700 Subject: Refactoring around ParametersWithRandom --- .../crypto/crystals/dilithium/DilithiumSigner.cs | 10 ++--- crypto/src/pqc/crypto/falcon/FalconNIST.cs | 15 +++---- crypto/src/pqc/crypto/falcon/FalconSigner.cs | 49 ++++++++++------------ .../pqc/crypto/sphincsplus/SPHINCSPlusSigner.cs | 10 +++-- 4 files changed, 40 insertions(+), 44 deletions(-) (limited to 'crypto/src/pqc') diff --git a/crypto/src/pqc/crypto/crystals/dilithium/DilithiumSigner.cs b/crypto/src/pqc/crypto/crystals/dilithium/DilithiumSigner.cs index 89519f134..d60c24222 100644 --- a/crypto/src/pqc/crypto/crystals/dilithium/DilithiumSigner.cs +++ b/crypto/src/pqc/crypto/crystals/dilithium/DilithiumSigner.cs @@ -20,10 +20,10 @@ namespace Org.BouncyCastle.Pqc.Crypto.Crystals.Dilithium { if (forSigning) { - if (param is ParametersWithRandom) + if (param is ParametersWithRandom withRandom) { - privKey = (DilithiumPrivateKeyParameters)((ParametersWithRandom)param).Parameters; - random = ((ParametersWithRandom)param).Random; + privKey = (DilithiumPrivateKeyParameters)withRandom.Parameters; + random = withRandom.Random; } else { @@ -33,9 +33,9 @@ namespace Org.BouncyCastle.Pqc.Crypto.Crystals.Dilithium } else { - pubKey = (DilithiumPublicKeyParameters) param; + pubKey = (DilithiumPublicKeyParameters)param; + random = null; } - } public byte[] GenerateSignature(byte[] message) diff --git a/crypto/src/pqc/crypto/falcon/FalconNIST.cs b/crypto/src/pqc/crypto/falcon/FalconNIST.cs index 0bc2adcad..8371fc3d3 100644 --- a/crypto/src/pqc/crypto/falcon/FalconNIST.cs +++ b/crypto/src/pqc/crypto/falcon/FalconNIST.cs 
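Review bot: In DilithiumSigner.Init the verification branch now resets `random`, but it leaves any `privKey` from an earlier signing Init in place, and the signing branch in the first hunk does not clear `pubKey` in the lines shown. The SPHINCSPlusSigner hunk in this same commit clears all three fields on every path, so a reused Dilithium signer keeps a private-key reference alive longer than it needs to. I would add `privKey = null;` next to `random = null;` in the verify branch and `pubKey = null;` at the top of the `forSigning` branch. Init starts and ends outside these hunks, and the signing `else` branch is cut off between them, so this should be checked against the full method.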
@@ -17,17 +17,12 @@ namespace Org.BouncyCastle.Pqc.Crypto.Falcon private int CRYPTO_PUBLICKEYBYTES; private int CRYPTO_SECRETKEYBYTES; - internal uint GetNonceLength() { - return this.noncelen; - } - internal uint GetLogn() { - return this.logn; - } - internal int GetCryptoBytes() { - return this.CRYPTO_BYTES; - } + internal uint NonceLength => this.noncelen; + internal uint LogN => this.logn; + internal int CryptoBytes => this.CRYPTO_BYTES; - internal FalconNist(SecureRandom random, uint logn, uint noncelen) { + internal FalconNist(SecureRandom random, uint logn, uint noncelen) + { this.logn = logn; this.codec = new FalconCodec(); this.common = new FalconCommon(); diff --git a/crypto/src/pqc/crypto/falcon/FalconSigner.cs b/crypto/src/pqc/crypto/falcon/FalconSigner.cs index abfbe3c17..7ad1385c7 100644 --- a/crypto/src/pqc/crypto/falcon/FalconSigner.cs +++ b/crypto/src/pqc/crypto/falcon/FalconSigner.cs @@ -2,6 +2,7 @@ using System; using Org.BouncyCastle.Crypto; using Org.BouncyCastle.Crypto.Parameters; +using Org.BouncyCastle.Security; namespace Org.BouncyCastle.Pqc.Crypto.Falcon { 
@@ -13,57 +14,53 @@ namespace Org.BouncyCastle.Pqc.Crypto.Falcon public void Init(bool forSigning, ICipherParameters param) { + FalconParameters parameters; + SecureRandom random; + if (forSigning) { + FalconPrivateKeyParameters skparam; if (param is ParametersWithRandom withRandom) { - FalconPrivateKeyParameters skparam = (FalconPrivateKeyParameters)withRandom.Parameters; - encodedkey = skparam.GetEncoded(); - nist = new FalconNist( - withRandom.Random, - (uint)skparam.Parameters.LogN, - (uint)skparam.Parameters.NonceLength); + skparam = (FalconPrivateKeyParameters)withRandom.Parameters; + random = withRandom.Random; } else { - FalconPrivateKeyParameters skparam = (FalconPrivateKeyParameters)param; - encodedkey = ((FalconPrivateKeyParameters)param).GetEncoded(); - nist = new FalconNist( - CryptoServicesRegistrar.GetSecureRandom(), - (uint)skparam.Parameters.LogN, - (uint)skparam.Parameters.NonceLength); + skparam = (FalconPrivateKeyParameters)param; + random = CryptoServicesRegistrar.GetSecureRandom(); } + encodedkey = skparam.GetEncoded(); + parameters = skparam.Parameters; } else { FalconPublicKeyParameters pkparam = (FalconPublicKeyParameters)param; + random = null; encodedkey = pkparam.GetEncoded(); - nist = new FalconNist( - CryptoServicesRegistrar.GetSecureRandom(), - (uint)pkparam.Parameters.LogN, - (uint)pkparam.Parameters.NonceLength); + parameters = pkparam.Parameters; } + + nist = new FalconNist(random, (uint)parameters.LogN, (uint)parameters.NonceLength); } public byte[] GenerateSignature(byte[] message) { - byte[] sm = new byte[nist.GetCryptoBytes()]; + byte[] sm = new byte[nist.CryptoBytes]; return nist.crypto_sign(false, sm, message, 0, (uint)message.Length, encodedkey, 0); } public bool VerifySignature(byte[] message, byte[] signature) { - if (signature[0] != (byte)(0x30 + nist.GetLogn())) - { + if (signature[0] != (byte)(0x30 + nist.LogN)) return false; - } - byte[] nonce = new byte[nist.GetNonceLength()]; - byte[] sig = new byte[signature.Length 
- nist.GetNonceLength() - 1]; - Array.Copy(signature, 1, nonce, 0, nist.GetNonceLength()); - Array.Copy(signature, nist.GetNonceLength() + 1, sig, 0, signature.Length - nist.GetNonceLength() - 1); - bool res = nist.crypto_sign_open(false, sig,nonce,message,encodedkey,0) == 0; - return res; + + byte[] nonce = new byte[nist.NonceLength]; + byte[] sig = new byte[signature.Length - nist.NonceLength - 1]; + Array.Copy(signature, 1, nonce, 0, nist.NonceLength); + Array.Copy(signature, nist.NonceLength + 1, sig, 0, signature.Length - nist.NonceLength - 1); + return nist.crypto_sign_open(false, sig, nonce, message, encodedkey, 0) == 0; } } } diff --git a/crypto/src/pqc/crypto/sphincsplus/SPHINCSPlusSigner.cs b/crypto/src/pqc/crypto/sphincsplus/SPHINCSPlusSigner.cs index 5c576eb15..275148209 100644 --- a/crypto/src/pqc/crypto/sphincsplus/SPHINCSPlusSigner.cs +++ b/crypto/src/pqc/crypto/sphincsplus/SPHINCSPlusSigner.cs @@ -36,19 +36,23 @@ namespace Org.BouncyCastle.Pqc.Crypto.SphincsPlus { if (forSigning) { - if (param is ParametersWithRandom parametersWithRandom) + m_pubKey = null; + if (param is ParametersWithRandom withRandom) { - m_privKey = (SphincsPlusPrivateKeyParameters)parametersWithRandom.Parameters; - m_random = parametersWithRandom.Random; + m_privKey = (SphincsPlusPrivateKeyParameters)withRandom.Parameters; + m_random = withRandom.Random; } else { m_privKey = (SphincsPlusPrivateKeyParameters)param; + m_random = null; } } else { m_pubKey = (SphincsPlusPublicKeyParameters)param; + m_privKey = null; + m_random = null; } } -- cgit 1.4.1
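Review bot: FalconSigner.VerifySignature reads `signature[0]` and sizes `sig` as `signature.Length - nist.NonceLength - 1` without checking the length first, so a null, empty or truncated signature from an untrusted sender throws instead of returning false. A guard ahead of the header-byte check keeps rejection on the normal path: `if (signature == null || signature.Length < nist.NonceLength + 1) return false;`. Separately, Init now passes `random = null` to FalconNist in the verify branch, while GenerateSignature does not check which mode the signer was initialised in. If crypto_sign draws from that field (its body is not in this hunk), signing on a verify-initialised instance would fail with a null reference rather than a clear InvalidOperationException.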
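Review bot: The signing `else` branch of SPHINCSPlusSigner.Init sets `m_random = null` when no ParametersWithRandom is supplied, whereas FalconSigner in this commit falls back to `CryptoServicesRegistrar.GetSecureRandom()` for the same case. The difference is presumably deliberate (signing without added randomness), but nothing in the hunk says so, and a reader comparing the signers could take it for an omission. A comment on that line would settle it, e.g. `// no ParametersWithRandom: m_random stays null, sign without additional randomness`. The wording should be confirmed against GenerateSignature, which is outside this hunk.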