Unable to load any oqs-provider generated PEM files #527
Replies: 2 comments 2 replies
-
|
@andybrucenet It looks like you might be short an attachment, so the below is pure speculation on my part based on what others have encountered in the past... :-) What version of OQS are you using? open-quantum-safe/liboqs#1626 merged two weeks ago (:tada:), adding the new draft ML-DSA &co specs that NIST has published, but it doesn't look like they've published a new release yet according to https://github.com/open-quantum-safe/liboqs/tags. Before that PR, Let us know if that helps,
|
Beta Was this translation helpful? Give feedback.
-
|
@cipherboy Thanks for the quick reply. I just put the attachment up - in the attachment README I wanted the link to the discussion so I had to create the discussion first :) And - yes - I have read quite a few of your posts specifically including the note about the NIST drafts. In my case I suspect this to be the problem which is why I try creating all of the NIST-blessed algorithms. But my capabilities to dive into either openssl or BC are pretty limited, so I hope that my example app will demonstrate what I'm doing and - better yet - what I'm doing wrong. The attachment has all of my files - I'm using the latest of everything. Latest macOS, latest Xcode, latest VS2022, latest BouncyCastle (2.3.0), latest downloaded-n-built openssl (3.2.1), latest liboqs (0.10.0-dev, just sync'ed to my fork today), and latest oqs-provider (0.5.4-dev, sync'ed to my fork today). The incredible @baentsch has been busy and just added padding for falcon so I'm truly on the very edge :) |
Beta Was this translation helpful? Give feedback.
-
|
Many thanks for this detailed reproducer @andybrucenet! I should've been more patient but I wanted to make sure you saw the missing attachment -- I didn't know that discussions could have attachments too, so was worried you thought it attached but it failed. :-) So... I have some good news, some bad news, and a potential workaround. Bad news is, I think I'll need to discuss this with @peterdettman... :-) As I understand it, the issue is that BC C# is attempting to be helpful and parse your final private key into a concrete typed key for you. The issue is we have a classical/PQC factory split, wherein I think you can workaround this with code like: Pardon my messy code:namespace foobar;
using System.IO;
using Org.BouncyCastle.Asn1;
using Org.BouncyCastle.Asn1.Cms;
using Org.BouncyCastle.Pqc.Crypto;
using Org.BouncyCastle.Pqc.Crypto.Utilities;
// read PEM files created using openssl / oqs-provider using BouncyCastle
class Program
{
static void Main(string[] args)
{
var pemFiles = Directory.GetFiles("/tmp", "foobar-*.pem");
foreach (var pemFile in pemFiles)
{
Console.Write($"{pemFile}: ");
var theKeyStream = File.OpenText(pemFile);
using (theKeyStream)
{
var theKeyPemReader = new Org.BouncyCastle.Utilities.IO.Pem.PemReader(theKeyStream);
try
{
var content = theKeyPemReader.ReadPemObject().Content;
var theKey = Org.BouncyCastle.Pqc.Crypto.Utilities.PqcPrivateKeyFactory.CreateKey(content);
if (!(theKey is null))
{
var kyberKey = theKey as Org.BouncyCastle.Pqc.Crypto.Crystals.Kyber.KyberPrivateKeyParameters;
var dilithiumKey = theKey as Org.BouncyCastle.Pqc.Crypto.Crystals.Dilithium.DilithiumPrivateKeyParameters;
if (kyberKey != null)
{
Console.Write("kyber public key: " + Org.BouncyCastle.Utilities.Encoders.Hex.ToHexString(kyberKey.GetPublicKey()));
}
else if (dilithiumKey != null)
{
Console.Write("dilithium public key: " + Org.BouncyCastle.Utilities.Encoders.Hex.ToHexString(dilithiumKey.GetPublicKey()));
}
else
{
Console.Write("unknown key type: " + theKey.GetType());
}
}
else
{
Console.Write("[null]");
}
}
catch (Exception ex)
{
Console.Write(ex.Message);
}
}
Console.WriteLine();
Console.WriteLine();
Console.WriteLine();
}
}
}Console output: Note that I didn't build limiting to STD algorithms, but we don't support hybrid keys either, so I think these results are mostly expected. Not sure why I thought I saw mlkem, but on second look-through, I didn't, so 🤷! p.s., everything built fine on Linux, untested on MacOS :-) Here, we parse the private key semi-manually from the embedded Now, the good news is, Java doesn't have this issue :-) It stops just short of being too helpful, and returns the PrivateKeyInfo ASN.1 structure, to let you parse it with the key factory of your choice (classical vs PQC)... So, the question for @peterdettman is, would changes to support returning a raw HTH! |
Beta Was this translation helpful? Give feedback.
-
Nope -- this has been the incredible @SWilson4. |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
Uh oh!
There was an error while loading. Please reload this page.
-
Summary:
Can someone provide guidance on how to use BouncyCastle to read post-quantum PEM files generated by openssl / liboqs / oqs-provider?
Recently was tasked to implement post-quantum crypto in both C++ native libs as well as .net code. We use openssl for C++; thus, gravitated to openssl 3.2.1 / liboqs / oqs-provider which integrates ml-kem (aka Kyber), falcon, sphincs+, etc. directly into openssl APIs. Used
OQS_ALGS_ENABLED=STDwhen building liboqs to get only the NIST-approved list of algorithms.Created PEM outputs for all supported algorithms (no passwords).
However - latest BouncyCastle.Cryptography 2.3.0 is unable to read any of the PEM files generated by the C++ app.
Attachment contains READMEs, full source code and screenshots showing output.
Notes:
Created a trivial test C++ app which enumerates all included OQS algorithms and creates a PEM using
EVP_PKEY_keygen/PEM_write_bio_PrivateKey_ex. In that same C++ app verified the created PEM by usingPEM_read_bio_PrivateKey_ex.Created trivial C# app which reads each of the generated PEM files and uses
PemReader.ReadObject()to load the file. However, receive the same exception for all:The C# app uses latest BouncyCastle.Cryptography 2.3.0 - in fact, that is the only nuget package installed for the app.
Attached source code and examples of several PEM files as well as screenshots of both PEM.
Openssl client has
oqs-providerinstalled and can read the PEM files generated by the C++ app.Source
The C++ source code is pretty simple; given an input algorithm name, create a PKEY and export PEM-encoded to
/tmp:The C# source code is even simpler: Read all
/tmp/foobar-*.pemand attempt to read using BouncyCastle:The attachment contains the full projects including static libraries (at least for macOS which is what I'm doing my testing on).
Beta Was this translation helpful? Give feedback.
All reactions