Add BcHssLmsContentSignerBuilder

gefeili · dghgit · commit 508dbf94ac72 · 2025-03-22T05:21:30.000Z
diff --git a/core/src/main/java/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java b/core/src/main/java/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java
@@ -278,6 +278,7 @@ public interface PKCSObjectIdentifiers
      * id-alg-hss-lms-hashsig OBJECT IDENTIFIER ::= { iso(1)
      *     member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)
      *    smime(16) alg(3) 17 }
+     *    1.2.840.113549.1.9.16.3.17
      */
     public static final ASN1ObjectIdentifier id_alg_hss_lms_hashsig = smime_alg.branch("17");
 
diff --git a/pkix/src/main/java/org/bouncycastle/operator/bc/BcHssLmsContentSignerBuilder.java b/pkix/src/main/java/org/bouncycastle/operator/bc/BcHssLmsContentSignerBuilder.java
@@ -0,0 +1,81 @@
+package org.bouncycastle.operator.bc;
+
+import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import org.bouncycastle.crypto.CipherParameters;
+import org.bouncycastle.crypto.CryptoException;
+import org.bouncycastle.crypto.DataLengthException;
+import org.bouncycastle.crypto.Digest;
+import org.bouncycastle.crypto.Signer;
+import org.bouncycastle.operator.OperatorCreationException;
+import org.bouncycastle.pqc.crypto.MessageSigner;
+import org.bouncycastle.pqc.crypto.lms.HSSSigner;
+
+public class BcHssLmsContentSignerBuilder
+    extends BcContentSignerBuilder
+{
+    public BcHssLmsContentSignerBuilder(AlgorithmIdentifier sigAlgId, AlgorithmIdentifier digAlgId)
+    {
+        super(sigAlgId, digAlgId);
+    }
+
+    protected Signer createSigner(AlgorithmIdentifier sigAlgId, AlgorithmIdentifier digAlgId)
+        throws OperatorCreationException
+    {
+        Digest dig = digestProvider.get(digAlgId);
+
+        return new HssSigner(dig);
+    }
+
+    private static class HssSigner
+        implements Signer
+    {
+        private final MessageSigner hss = new HSSSigner();
+        private final Digest digest;
+
+        public HssSigner(Digest digest)
+        {
+            this.digest = digest;
+        }
+
+        @Override
+        public void init(boolean forSigning, CipherParameters param)
+        {
+            hss.init(forSigning, param);
+        }
+
+        @Override
+        public void update(byte b)
+        {
+            digest.update(b);
+        }
+
+        @Override
+        public void update(byte[] in, int off, int len)
+        {
+            digest.update(in, off, len);
+        }
+
+        @Override
+        public byte[] generateSignature()
+            throws CryptoException, DataLengthException
+        {
+            byte[] hash = new byte[digest.getDigestSize()];
+            digest.doFinal(hash, 0);
+            return hss.generateSignature(hash);
+        }
+
+        @Override
+        public boolean verifySignature(byte[] signature)
+        {
+            byte[] hash = new byte[digest.getDigestSize()];
+            digest.doFinal(hash, 0);
+            return hss.verifySignature(hash, signature);
+        }
+
+        @Override
+        public void reset()
+        {
+            digest.reset();
+        }
+    }
+}
