updated HQC to always generate 256 bit secrets

Author: dghgit

core/src/main/java/org/bouncycastle/pqc/crypto/hqc/HQCKEMExtractor.java

@@ -30,7 +30,7 @@ public byte[] extractSecret(byte[] encapsulation)
 
         engine.decaps(session_key, encapsulation, sk);
 
-        return Arrays.copyOfRange(session_key, 0, key.getParameters().getK());
+        return Arrays.copyOfRange(session_key, 0, 32);
     }
 
     public int getEncapsulationLength()

core/src/main/java/org/bouncycastle/pqc/crypto/hqc/HQCKEMGenerator.java

@@ -36,6 +36,6 @@ public SecretWithEncapsulation generateEncapsulated(AsymmetricKeyParameter recip
 
         byte[] cipherText = Arrays.concatenate(u, v, salt);
 
-        return new SecretWithEncapsulationImpl(Arrays.copyOfRange(K, 0, key.getParameters().getK()), cipherText);
+        return new SecretWithEncapsulationImpl(Arrays.copyOfRange(K, 0, 32), cipherText);
     }
 }

core/src/main/java/org/bouncycastle/pqc/crypto/hqc/HQCParameters.java

@@ -118,7 +118,7 @@ HQCEngine getEngine()
 
     public int getSessionKeySize()
     {
-        return k * 8;
+        return 32 * 8;
     }
 
     public String getName()

prov/src/main/java/org/bouncycastle/pqc/jcajce/provider/hqc/HQCCipherSpi.java

@@ -251,7 +251,7 @@ protected byte[] engineWrap(
 
             Wrapper kWrap = WrapUtil.getWrapper(kemParameterSpec.getKeyAlgorithmName());
 
-            KeyParameter keyParameter = new KeyParameter(secEnc.getSecret());
+            KeyParameter keyParameter = new KeyParameter(WrapUtil.trimSecret(kemParameterSpec.getKeyAlgorithmName(), secEnc.getSecret()));
 
             kWrap.init(true, keyParameter);
 
@@ -268,7 +268,7 @@ protected byte[] engineWrap(
             return rv;
         }
         catch (IllegalArgumentException e)
-        {
+        {               e.printStackTrace();
             throw new IllegalBlockSizeException("unable to generate KTS secret: " + e.getMessage());
         }
         catch (DestroyFailedException e)
@@ -296,7 +296,7 @@ protected Key engineUnwrap(
 
             Wrapper kWrap = WrapUtil.getWrapper(kemParameterSpec.getKeyAlgorithmName());
 
-            KeyParameter keyParameter = new KeyParameter(secret);
+            KeyParameter keyParameter = new KeyParameter(WrapUtil.trimSecret(kemParameterSpec.getKeyAlgorithmName(), secret));
 
             Arrays.clear(secret);
 

prov/src/main/java/org/bouncycastle/pqc/jcajce/provider/util/WrapUtil.java

@@ -91,6 +91,16 @@ else if (keyAlgorithmName.equalsIgnoreCase("ARIA-KWP"))
         return kWrap;
     }
 
+    public static byte[] trimSecret(String algName, byte[] secret)
+    {
+        if (algName.equals("SEED"))
+        {
+            return Arrays.copyOfRange(secret, 0, 16);
+        }
+        
+        return secret;
+    }
+
     private static byte[] makeKeyBytes(KTSParameterSpec ktsSpec, byte[] secret)
         throws InvalidKeyException
     {

prov/src/test/java/org/bouncycastle/pqc/jcajce/provider/test/HQCTest.java

@@ -123,7 +123,7 @@ public void testGenerateAES()
         SecretKeyWithEncapsulation secEnc1 = (SecretKeyWithEncapsulation)keyGen.generateKey();
 
         assertEquals("AES", secEnc1.getAlgorithm());
-        assertEquals(16, secEnc1.getEncoded().length);
+        assertEquals(32, secEnc1.getEncoded().length);
 
         keyGen.init(new KEMExtractSpec(kp.getPrivate(), secEnc1.getEncapsulation(), "AES"));