using Org.BouncyCastle.Crypto.Digests; using Org.BouncyCastle.Crypto.Generators; using Org.BouncyCastle.Crypto.Parameters; using Org.BouncyCastle.Crypto.Prng; using Org.BouncyCastle.Pqc.Crypto.Falcon; using Org.BouncyCastle.Security; using StellaOps.Cryptography; using System; namespace StellaOps.Cryptography.Plugin.PqSoft; public sealed partial class PqSoftCryptoProvider { private static PqKeyEntry CreateDilithiumEntry(CryptoSigningKey signingKey) { var parameters = MLDsaParameters.ml_dsa_65; var random = CreateSeededRandom(signingKey.PrivateKey); var generator = new MLDsaKeyPairGenerator(); generator.Init(new MLDsaKeyGenerationParameters(random, parameters)); var pair = generator.GenerateKeyPair(); var priv = (MLDsaPrivateKeyParameters)pair.Private; var pub = (MLDsaPublicKeyParameters)pair.Public; var descriptor = new CryptoSigningKey( signingKey.Reference, SignatureAlgorithms.Dilithium3, priv.GetEncoded(), signingKey.CreatedAt, signingKey.ExpiresAt, pub.GetEncoded(), signingKey.Metadata); return new MLDsaKeyEntry(descriptor, priv, pub); } private static PqKeyEntry CreateFalconEntry(CryptoSigningKey signingKey) { var parameters = FalconParameters.falcon_512; var random = CreateSeededRandom(signingKey.PrivateKey); var generator = new FalconKeyPairGenerator(); generator.Init(new FalconKeyGenerationParameters(random, parameters)); var pair = generator.GenerateKeyPair(); var priv = (FalconPrivateKeyParameters)pair.Private; var pub = (FalconPublicKeyParameters)pair.Public; var descriptor = new CryptoSigningKey( signingKey.Reference, SignatureAlgorithms.Falcon512, priv.GetEncoded(), signingKey.CreatedAt, signingKey.ExpiresAt, pub.GetEncoded(), signingKey.Metadata); return new FalconKeyEntry(descriptor, priv, pub); } private static SecureRandom CreateSeededRandom(ReadOnlyMemory seed) { var generator = new DigestRandomGenerator(new Sha512Digest()); generator.AddSeedMaterial(seed.ToArray()); return new SecureRandom(generator); } }