using Org.BouncyCastle.Asn1; using Org.BouncyCastle.Asn1.BC; using Org.BouncyCastle.Asn1.Pkcs; using Org.BouncyCastle.Crypto; using Org.BouncyCastle.Crypto.Utilities; using Org.BouncyCastle.Pqc.Asn1; using Org.BouncyCastle.Pqc.Crypto.Bike; using Org.BouncyCastle.Pqc.Crypto.Cmce; using Org.BouncyCastle.Pqc.Crypto.Crystals.Dilithium; using Org.BouncyCastle.Pqc.Crypto.Falcon; using Org.BouncyCastle.Pqc.Crypto.Frodo; using Org.BouncyCastle.Pqc.Crypto.Hqc; using Org.BouncyCastle.Pqc.Crypto.Lms; using Org.BouncyCastle.Pqc.Crypto.Ntru; using Org.BouncyCastle.Pqc.Crypto.Picnic; using Org.BouncyCastle.Pqc.Crypto.Saber; using Org.BouncyCastle.Pqc.Crypto.SphincsPlus; using Org.BouncyCastle.Utilities; using System; using System.IO; namespace Org.BouncyCastle.Pqc.Crypto.Utilities { public static class PqcPrivateKeyFactory { public static AsymmetricKeyParameter CreateKey(byte[] privateKeyInfoData) { return CreateKey(PrivateKeyInfo.GetInstance(privateKeyInfoData)); } public static AsymmetricKeyParameter CreateKey(Stream inStr) { return CreateKey(PrivateKeyInfo.GetInstance(Asn1Object.FromStream(inStr))); } public static AsymmetricKeyParameter CreateKey(PrivateKeyInfo keyInfo) { DerObjectIdentifier algorithm = keyInfo.PrivateKeyAlgorithm.Algorithm; if (algorithm.Equals(PkcsObjectIdentifiers.IdAlgHssLmsHashsig)) { byte[] octets = Asn1OctetString.GetInstance(keyInfo.ParsePrivateKey()).GetOctets(); DerBitString publicKey = keyInfo.PublicKey; if (octets.Length >= 4 && Pack.BE_To_UInt32(octets, 0) == 1) { LmsPublicKeyParameters publicKey2 = null; if (publicKey != null) { byte[] octets2 = publicKey.GetOctets(); publicKey2 = LmsPublicKeyParameters.Parse(octets2, 4, octets2.Length - 4); } return LmsPrivateKeyParameters.Parse(octets, 4, octets.Length - 4, publicKey2); } throw new ArgumentException("invalid LMS private key"); } if (algorithm.On(BCObjectIdentifiers.pqc_kem_mceliece)) { CmcePrivateKey instance = CmcePrivateKey.GetInstance(keyInfo.ParsePrivateKey()); return new CmcePrivateKeyParameters(PqcUtilities.McElieceParamsLookup(algorithm), instance.Delta, instance.C, instance.G, instance.Alpha, instance.S); } if (algorithm.On(BCObjectIdentifiers.pqc_kem_frodo)) { byte[] octets3 = Asn1OctetString.GetInstance(keyInfo.ParsePrivateKey()).GetOctets(); return new FrodoPrivateKeyParameters(PqcUtilities.FrodoParamsLookup(algorithm), octets3); } if (algorithm.On(BCObjectIdentifiers.sphincsPlus) || algorithm.On(BCObjectIdentifiers.sphincsPlus_interop)) { Asn1Encodable asn1Encodable = keyInfo.ParsePrivateKey(); SphincsPlusParameters parameters = PqcUtilities.SphincsPlusParamsLookup(algorithm); Asn1Sequence asn1Sequence = asn1Encodable as Asn1Sequence; if (asn1Sequence != null) { SphincsPlusPrivateKey instance2 = SphincsPlusPrivateKey.GetInstance(asn1Sequence); SphincsPlusPublicKey publicKey3 = instance2.PublicKey; return new SphincsPlusPrivateKeyParameters(parameters, instance2.GetSkseed(), instance2.GetSkprf(), publicKey3.GetPkseed(), publicKey3.GetPkroot()); } Asn1OctetString instance3 = Asn1OctetString.GetInstance(asn1Encodable); return new SphincsPlusPrivateKeyParameters(parameters, instance3.GetOctets()); } if (algorithm.On(BCObjectIdentifiers.pqc_kem_saber)) { byte[] octets4 = Asn1OctetString.GetInstance(keyInfo.ParsePrivateKey()).GetOctets(); return new SaberPrivateKeyParameters(PqcUtilities.SaberParamsLookup(algorithm), octets4); } if (algorithm.On(BCObjectIdentifiers.picnic)) { byte[] octets5 = Asn1OctetString.GetInstance(keyInfo.ParsePrivateKey()).GetOctets(); return new PicnicPrivateKeyParameters(PqcUtilities.PicnicParamsLookup(algorithm), octets5); } if (algorithm.On(BCObjectIdentifiers.pqc_kem_bike)) { byte[] octets6 = Asn1OctetString.GetInstance(keyInfo.ParsePrivateKey()).GetOctets(); BikeParameters bikeParameters = PqcUtilities.BikeParamsLookup(algorithm); byte[] h = Arrays.CopyOfRange(octets6, 0, bikeParameters.RByte); byte[] h2 = Arrays.CopyOfRange(octets6, bikeParameters.RByte, 2 * bikeParameters.RByte); byte[] sigma = Arrays.CopyOfRange(octets6, 2 * bikeParameters.RByte, octets6.Length); return new BikePrivateKeyParameters(bikeParameters, h, h2, sigma); } if (algorithm.On(BCObjectIdentifiers.pqc_kem_hqc)) { byte[] octets7 = Asn1OctetString.GetInstance(keyInfo.ParsePrivateKey()).GetOctets(); return new HqcPrivateKeyParameters(PqcUtilities.HqcParamsLookup(algorithm), octets7); } if (algorithm.Equals(BCObjectIdentifiers.dilithium2) || algorithm.Equals(BCObjectIdentifiers.dilithium3) || algorithm.Equals(BCObjectIdentifiers.dilithium5)) { Asn1OctetString instance4 = Asn1OctetString.GetInstance(keyInfo.ParsePrivateKey()); DilithiumParameters dilithiumParameters = PqcUtilities.DilithiumParamsLookup(algorithm); DilithiumPublicKeyParameters pubKey = null; DerBitString publicKey4 = keyInfo.PublicKey; if (publicKey4 != null) pubKey = PqcPublicKeyFactory.GetDilithiumPublicKey(dilithiumParameters, publicKey4); return new DilithiumPrivateKeyParameters(dilithiumParameters, instance4.GetOctets(), pubKey); } if (algorithm.Equals(BCObjectIdentifiers.falcon_512) || algorithm.Equals(BCObjectIdentifiers.falcon_1024)) { Asn1Sequence instance5 = Asn1Sequence.GetInstance(keyInfo.ParsePrivateKey()); FalconParameters parameters2 = PqcUtilities.FalconParamsLookup(algorithm); int intValueExact = DerInteger.GetInstance(instance5[0]).IntValueExact; if (intValueExact != 1) throw new IOException("unknown private key version: " + intValueExact.ToString()); return new FalconPrivateKeyParameters(parameters2, Asn1OctetString.GetInstance(instance5[1]).GetOctets(), Asn1OctetString.GetInstance(instance5[2]).GetOctets(), Asn1OctetString.GetInstance(instance5[3]).GetOctets(), keyInfo.PublicKey?.GetOctets()); } if (algorithm.On(BCObjectIdentifiers.pqc_kem_ntru)) { NtruParameters ntruParameters = PqcUtilities.NtruParamsLookup(algorithm); if (ntruParameters != null) { int privateKeyLength = ntruParameters.PrivateKeyLength; if (keyInfo.PrivateKey.GetOctetsLength() > privateKeyLength) try { Asn1OctetString asn1OctetString = keyInfo.ParsePrivateKey() as Asn1OctetString; if (asn1OctetString != null && asn1OctetString.GetOctetsLength() == privateKeyLength) return NtruPrivateKeyParameters.FromEncoding(ntruParameters, asn1OctetString.GetOctets()); } catch (Exception) { } throw new ArgumentException("invalid " + ntruParameters.Name + " private key"); } } throw new Exception("algorithm identifier in private key not recognised"); } } }