refactored LMS to use HSS key encodings.

Author: dghgit

core/src/main/java/org/bouncycastle/pqc/crypto/lms/HSSPrivateKeyParameters.java

@@ -26,6 +26,23 @@ public class HSSPrivateKeyParameters
 
     private HSSPublicKeyParameters publicKey;
 
+    public HSSPrivateKeyParameters(LMSPrivateKeyParameters key, long index, long indexLimit)
+    {
+        super(true);
+
+        this.l = 1;
+        this.keys = Collections.singletonList(key);
+        this.sig = Collections.emptyList();
+        this.index = index;
+        this.indexLimit = indexLimit;
+        this.isShard = false;
+
+        //
+        // Correct Intermediate LMS values will be constructed during reset to index.
+        //
+        resetKeyToIndex();
+    }
+
     public HSSPrivateKeyParameters(int l, List<LMSPrivateKeyParameters> keys, List<LMSSignature> sig, long index, long indexLimit)
     {
         super(true);

core/src/main/java/org/bouncycastle/pqc/crypto/util/PrivateKeyFactory.java

@@ -43,7 +43,6 @@
 import org.bouncycastle.pqc.crypto.hqc.HQCParameters;
 import org.bouncycastle.pqc.crypto.hqc.HQCPrivateKeyParameters;
 import org.bouncycastle.pqc.crypto.lms.HSSPrivateKeyParameters;
-import org.bouncycastle.pqc.crypto.lms.LMSPrivateKeyParameters;
 import org.bouncycastle.pqc.crypto.mldsa.MLDSAParameters;
 import org.bouncycastle.pqc.crypto.mldsa.MLDSAPrivateKeyParameters;
 import org.bouncycastle.pqc.crypto.mldsa.MLDSAPublicKeyParameters;
@@ -158,26 +157,13 @@ else if (algOID.equals(PKCSObjectIdentifiers.id_alg_hss_lms_hashsig))
             byte[] keyEnc = lmsKey.getOctets();
             ASN1BitString pubKey = keyInfo.getPublicKeyData();
 
-            if (Pack.bigEndianToInt(keyEnc, 0) == 1)
+            if (pubKey != null)
             {
-                if (pubKey != null)
-                {
-                    byte[] pubEnc = pubKey.getOctets();
-
-                    return LMSPrivateKeyParameters.getInstance(Arrays.copyOfRange(keyEnc, 4, keyEnc.length), Arrays.copyOfRange(pubEnc, 4, pubEnc.length));
-                }
-                return LMSPrivateKeyParameters.getInstance(Arrays.copyOfRange(keyEnc, 4, keyEnc.length));
-            }
-            else
-            {
-                if (pubKey != null)
-                {
-                    byte[] pubEnc = pubKey.getOctets();
+                byte[] pubEnc = pubKey.getOctets();
 
-                    return HSSPrivateKeyParameters.getInstance(Arrays.copyOfRange(keyEnc, 4, keyEnc.length), pubEnc);
-                }
-                return HSSPrivateKeyParameters.getInstance(Arrays.copyOfRange(keyEnc, 4, keyEnc.length));
+                return HSSPrivateKeyParameters.getInstance(Arrays.copyOfRange(keyEnc, 4, keyEnc.length), pubEnc);
             }
+            return HSSPrivateKeyParameters.getInstance(Arrays.copyOfRange(keyEnc, 4, keyEnc.length));
         }
         else if (algOID.on(BCObjectIdentifiers.sphincsPlus) || algOID.on(BCObjectIdentifiers.sphincsPlus_interop))
         {

prov/src/main/java/org/bouncycastle/pqc/jcajce/provider/lms/BCLMSPrivateKey.java

@@ -27,7 +27,7 @@ public class BCLMSPrivateKey
     public BCLMSPrivateKey(
         LMSKeyParameters keyParams)
     {
-        this.keyParams = keyParams;
+        this.keyParams = (keyParams instanceof HSSPrivateKeyParameters) ? (HSSPrivateKeyParameters)keyParams : new HSSPrivateKeyParameters((LMSPrivateKeyParameters)keyParams, ((LMSPrivateKeyParameters)keyParams).getIndex(), ((LMSPrivateKeyParameters)keyParams).getIndex() + ((LMSPrivateKeyParameters)keyParams).getUsagesRemaining());
     }
 
     public BCLMSPrivateKey(PrivateKeyInfo keyInfo)

prov/src/main/java/org/bouncycastle/pqc/jcajce/provider/lms/BCLMSPublicKey.java

@@ -26,7 +26,7 @@ public class BCLMSPublicKey
     public BCLMSPublicKey(
         LMSKeyParameters keyParams)
     {
-        this.keyParams = keyParams;
+        this.keyParams = (keyParams instanceof HSSPublicKeyParameters) ? keyParams : new HSSPublicKeyParameters(1, (LMSPublicKeyParameters)keyParams);
     }
 
     public BCLMSPublicKey(SubjectPublicKeyInfo keyInfo)

prov/src/test/java/org/bouncycastle/pqc/jcajce/provider/test/LMSTest.java

@@ -31,8 +31,8 @@
 public class LMSTest
     extends TestCase
 {
-    private static final byte[] nestedPublicKey = Base64.decode("MFAwDQYLKoZIhvcNAQkQAxEDPwAEPAAAAAEAAAAFAAAAARmSUd5GHVvFNVl0JBcv+GJX8+FaUrz1mNrCHGZ1z8c4j9kgSBhaEYlu+//bc2yOhQ==");
-    private static final byte[] nestedPrivateKey = Base64.decode("MIGhAgEBMA0GCyqGSIb3DQEJEAMRBE4ETAAAAAEAAAAAAAAABQAAAAEZklHeRh1bxTVZdCQXL/hiAAAAAAAAACAAAAAgXs4Bdu2gpyoEccTNWwAA81qLeSqn2yW+LWYVAi2hadyBPQAAAAABAAAABQAAAAEZklHeRh1bxTVZdCQXL/hiV/PhWlK89Zjawhxmdc/HOI/ZIEgYWhGJbvv/23NsjoU=");
+    private static final byte[] nestedPublicKey = Base64.decode("MFAwDQYLKoZIhvcNAQkQAxEDPwAEPAAAAAEAAAAFAAAAAa3sRFhG3xQtT/xfuJJswgV80jvx/sFlYxteNrZ0hheITiUL/bJ8wJpphIpoSB/E9g==");
+    private static final byte[] nestedPrivateKey = Base64.decode("MIG6AgEBMA0GCyqGSIb3DQEJEAMRBGcEZQAAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAUAAAABrexEWEbfFC1P/F+4kmzCBQAAAAAAAAAgAAAAIO01yI+Hj7eX+P2clcPDW0SzllJ4uzQt1JenbcllHpQngT0AAAAAAQAAAAUAAAABrexEWEbfFC1P/F+4kmzCBXzSO/H+wWVjG142tnSGF4hOJQv9snzAmmmEimhIH8T2");
 
     public void setUp()
     {
@@ -89,7 +89,6 @@ private void trySigning(KeyPair keyPair)
     public void testKeyEncoding()
         throws Exception
     {
-
         KeyFactory kf = KeyFactory.getInstance("LMS", "BC");
 
         PublicKey oldLmsPub = kf.generatePublic(new X509EncodedKeySpec(nestedPublicKey));
@@ -124,7 +123,7 @@ public void testKeyFactoryLMSKey()
 
         PublicKey pub1 = kFact.generatePublic(x509KeySpec);
 
-        assertEquals(kp.getPublic(), pub1);
+        assertTrue(Arrays.areEqual(kp.getPublic().getEncoded(), pub1.getEncoded()));
 
         PKCS8EncodedKeySpec pkcs8KeySpec = new PKCS8EncodedKeySpec(kp.getPrivate().getEncoded());