diff --git a/src/libraries/Common/src/System/Security/Cryptography/SlhDsa.cs b/src/libraries/Common/src/System/Security/Cryptography/SlhDsa.cs index cb84efa593e61e..c915248b1caa9b 100644 --- a/src/libraries/Common/src/System/Security/Cryptography/SlhDsa.cs +++ b/src/libraries/Common/src/System/Security/Cryptography/SlhDsa.cs @@ -616,8 +616,8 @@ public bool TryExportPkcs8PrivateKey(Span destination, out int bytesWritte 3 + // Version Integer 2 + // AlgorithmIdentifier Sequence 3 + // AlgorithmIdentifier OID value, undervalued to be safe - 2 + // Secret key Octet String prefix, undervalued to be safe - Algorithm.SecretKeySizeInBytes; + 2 + // Private key Octet String prefix, undervalued to be safe + Algorithm.PrivateKeySizeInBytes; if (destination.Length < MinimumPossiblePkcs8SlhDsaKey) { @@ -650,19 +650,19 @@ public bool TryExportPkcs8PrivateKey(Span destination, out int bytesWritte /// protected virtual bool TryExportPkcs8PrivateKeyCore(Span destination, out int bytesWritten) { - // Secret key size for SLH-DSA is at most 128 bytes so we can stack allocate it. - int secretKeySizeInBytes = Algorithm.SecretKeySizeInBytes; - Debug.Assert(secretKeySizeInBytes is <= 128); - Span secretKey = (stackalloc byte[128])[..secretKeySizeInBytes]; + // Private key size for SLH-DSA is at most 128 bytes so we can stack allocate it. + int privateKeySizeInBytes = Algorithm.PrivateKeySizeInBytes; + Debug.Assert(privateKeySizeInBytes is <= 128); + Span privateKey = (stackalloc byte[128])[..privateKeySizeInBytes]; try { - ExportSlhDsaSecretKey(secretKey); + ExportSlhDsaPrivateKey(privateKey); // The ASN.1 overhead of a PrivateKeyInfo encoding a private key is 22 bytes. // Round it off to 32. This checked operation should never throw because the inputs are not // user provided. - int capacity = checked(32 + secretKeySizeInBytes); + int capacity = checked(32 + privateKeySizeInBytes); AsnWriter writer = new AsnWriter(AsnEncodingRules.DER, capacity); using (writer.PushSequence()) @@ -674,7 +674,7 @@ protected virtual bool TryExportPkcs8PrivateKeyCore(Span destination, out writer.WriteObjectIdentifier(Algorithm.Oid); } - writer.WriteOctetString(secretKey); + writer.WriteOctetString(privateKey); } Debug.Assert(writer.GetEncodedLength() <= capacity); @@ -682,7 +682,7 @@ protected virtual bool TryExportPkcs8PrivateKeyCore(Span destination, out } finally { - CryptographicOperations.ZeroMemory(secretKey); + CryptographicOperations.ZeroMemory(privateKey); } } @@ -1108,55 +1108,55 @@ public byte[] ExportSlhDsaPublicKey() } /// - /// Exports the current key in the FIPS 205 secret key format. + /// Exports the current key in the FIPS 205 private key format. /// /// - /// The buffer to receive the secret key. Its length must be exactly - /// . + /// The buffer to receive the private key. Its length must be exactly + /// . /// /// - /// is the incorrect length to receive the secret key. + /// is the incorrect length to receive the private key. /// /// - /// The current instance cannot export a secret key. + /// The current instance cannot export a private key. /// -or- /// An error occurred while exporting the key. /// /// The object has already been disposed. - public void ExportSlhDsaSecretKey(Span destination) + public void ExportSlhDsaPrivateKey(Span destination) { - int secretKeySizeInBytes = Algorithm.SecretKeySizeInBytes; + int privateKeySizeInBytes = Algorithm.PrivateKeySizeInBytes; - if (destination.Length != secretKeySizeInBytes) + if (destination.Length != privateKeySizeInBytes) { throw new ArgumentException( - SR.Format(SR.Argument_DestinationImprecise, secretKeySizeInBytes), + SR.Format(SR.Argument_DestinationImprecise, privateKeySizeInBytes), nameof(destination)); } ThrowIfDisposed(); - ExportSlhDsaSecretKeyCore(destination); + ExportSlhDsaPrivateKeyCore(destination); } /// - /// Exports the current key in the FIPS 205 secret key format. + /// Exports the current key in the FIPS 205 private key format. /// /// - /// The FIPS 205 secret key. + /// The FIPS 205 private key. /// /// - /// The current instance cannot export a secret key. + /// The current instance cannot export a private key. /// -or- /// An error occurred while exporting the key. /// /// The object has already been disposed. - public byte[] ExportSlhDsaSecretKey() + public byte[] ExportSlhDsaPrivateKey() { ThrowIfDisposed(); - byte[] destination = new byte[Algorithm.SecretKeySizeInBytes]; - ExportSlhDsaSecretKeyCore(destination); + byte[] destination = new byte[Algorithm.PrivateKeySizeInBytes]; + ExportSlhDsaPrivateKeyCore(destination); return destination; } @@ -1293,12 +1293,12 @@ public static SlhDsa ImportPkcs8PrivateKey(ReadOnlySpan source) SlhDsaAlgorithm info = GetAlgorithmIdentifier(in algId); ReadOnlySpan privateKey = key.Span; - if (privateKey.Length != info.SecretKeySizeInBytes) + if (privateKey.Length != info.PrivateKeySizeInBytes) { throw new CryptographicException(SR.Cryptography_Der_Invalid_Encoding); } - ret = ImportSlhDsaSecretKey(info, key.Span); + ret = ImportSlhDsaPrivateKey(info, key.Span); }, out int read, out SlhDsa slhDsa); @@ -1704,13 +1704,13 @@ public static SlhDsa ImportSlhDsaPublicKey(SlhDsaAlgorithm algorithm, byte[] sou } /// - /// Imports an SLH-DSA private key in the FIPS 205 secret key format. + /// Imports an SLH-DSA private key in the FIPS 205 private key format. /// /// /// The specific SLH-DSA algorithm for this key. /// /// - /// The bytes of a FIPS 205 secret key. + /// The bytes of a FIPS 205 private key. /// /// /// The imported key. @@ -1728,29 +1728,29 @@ public static SlhDsa ImportSlhDsaPublicKey(SlhDsaAlgorithm algorithm, byte[] sou /// The platform does not support SLH-DSA. Callers can use the property /// to determine if the platform supports SLH-DSA. /// - public static SlhDsa ImportSlhDsaSecretKey(SlhDsaAlgorithm algorithm, ReadOnlySpan source) + public static SlhDsa ImportSlhDsaPrivateKey(SlhDsaAlgorithm algorithm, ReadOnlySpan source) { ArgumentNullException.ThrowIfNull(algorithm); - if (source.Length != algorithm.SecretKeySizeInBytes) + if (source.Length != algorithm.PrivateKeySizeInBytes) { - throw new ArgumentException(SR.Argument_SecretKeyWrongSizeForAlgorithm, nameof(source)); + throw new ArgumentException(SR.Argument_PrivateKeyWrongSizeForAlgorithm, nameof(source)); } ThrowIfNotSupported(); - return SlhDsaImplementation.ImportSecretKey(algorithm, source); + return SlhDsaImplementation.ImportPrivateKey(algorithm, source); } - /// + /// /// /// or is . /// - public static SlhDsa ImportSlhDsaSecretKey(SlhDsaAlgorithm algorithm, byte[] source) + public static SlhDsa ImportSlhDsaPrivateKey(SlhDsaAlgorithm algorithm, byte[] source) { ArgumentNullException.ThrowIfNull(source); - return ImportSlhDsaSecretKey(algorithm, new ReadOnlySpan(source)); + return ImportSlhDsaPrivateKey(algorithm, new ReadOnlySpan(source)); } /// @@ -1856,12 +1856,12 @@ protected virtual void Dispose(bool disposing) protected abstract void ExportSlhDsaPublicKeyCore(Span destination); /// - /// When overridden in a derived class, exports the FIPS 205 secret key to the specified buffer. + /// When overridden in a derived class, exports the FIPS 205 private key to the specified buffer. /// /// - /// The buffer to receive the secret key. + /// The buffer to receive the private key. /// - protected abstract void ExportSlhDsaSecretKeyCore(Span destination); + protected abstract void ExportSlhDsaPrivateKeyCore(Span destination); private AsnWriter ExportSubjectPublicKeyInfoCore() { @@ -1952,7 +1952,7 @@ private TResult ExportPkcs8PrivateKeyCallback(ExportPkcs8PrivateKeyFunc { // A PKCS#8 SLH-DSA-SHA2-256s private key has an ASN.1 overhead of 22 bytes, assuming no attributes. // Make it an even 32 and that should give a good starting point for a buffer size. - int size = Algorithm.SecretKeySizeInBytes + 32; + int size = Algorithm.PrivateKeySizeInBytes + 32; // The buffer is only being passed out as a span, so the derived type can't meaningfully // hold on to it without being malicious. byte[] buffer = CryptoPool.Rent(size); diff --git a/src/libraries/Common/src/System/Security/Cryptography/SlhDsaAlgorithm.cs b/src/libraries/Common/src/System/Security/Cryptography/SlhDsaAlgorithm.cs index 987e92e1767dbd..4d5b261c64863b 100644 --- a/src/libraries/Common/src/System/Security/Cryptography/SlhDsaAlgorithm.cs +++ b/src/libraries/Common/src/System/Security/Cryptography/SlhDsaAlgorithm.cs @@ -22,12 +22,12 @@ public sealed class SlhDsaAlgorithm : IEquatable public string Name { get; } /// - /// Gets the size of the secret key in bytes for this algorithm. + /// Gets the size of the private key in bytes for this algorithm. /// /// - /// The size of the secret key in bytes for this algorithm. + /// The size of the private key in bytes for this algorithm. /// - public int SecretKeySizeInBytes { get; } + public int PrivateKeySizeInBytes { get; } /// /// Gets the size of the public key in bytes for this algorithm. @@ -72,9 +72,9 @@ private SlhDsaAlgorithm(string name, int n, int signatureSizeInBytes, string oid { Name = name; - // The secret key and public key sizes are shown to be 4n and 2n respectively in + // The private key and public key sizes are shown to be 4n and 2n respectively in // section 9.1 "Key Generation", particularly figure 15 and 16. - SecretKeySizeInBytes = 4 * n; + PrivateKeySizeInBytes = 4 * n; PublicKeySizeInBytes = 2 * n; SignatureSizeInBytes = signatureSizeInBytes; Oid = oid; diff --git a/src/libraries/Common/src/System/Security/Cryptography/SlhDsaCng.cs b/src/libraries/Common/src/System/Security/Cryptography/SlhDsaCng.cs index efefaeda66ba5a..3c0511d16907f5 100644 --- a/src/libraries/Common/src/System/Security/Cryptography/SlhDsaCng.cs +++ b/src/libraries/Common/src/System/Security/Cryptography/SlhDsaCng.cs @@ -82,7 +82,7 @@ protected override void ExportSlhDsaPublicKeyCore(Span destination) => throw new PlatformNotSupportedException(); /// - protected override void ExportSlhDsaSecretKeyCore(Span destination) => + protected override void ExportSlhDsaPrivateKeyCore(Span destination) => throw new PlatformNotSupportedException(); /// diff --git a/src/libraries/Common/src/System/Security/Cryptography/SlhDsaImplementation.NotSupported.cs b/src/libraries/Common/src/System/Security/Cryptography/SlhDsaImplementation.NotSupported.cs index a28ee9db020821..4a220cf7f0e332 100644 --- a/src/libraries/Common/src/System/Security/Cryptography/SlhDsaImplementation.NotSupported.cs +++ b/src/libraries/Common/src/System/Security/Cryptography/SlhDsaImplementation.NotSupported.cs @@ -32,7 +32,7 @@ protected override bool VerifyPreHashCore(ReadOnlySpan hash, ReadOnlySpan< protected override void ExportSlhDsaPublicKeyCore(Span destination) => throw new PlatformNotSupportedException(); - protected override void ExportSlhDsaSecretKeyCore(Span destination) => + protected override void ExportSlhDsaPrivateKeyCore(Span destination) => throw new PlatformNotSupportedException(); protected override bool TryExportPkcs8PrivateKeyCore(Span destination, out int bytesWritten) => @@ -44,7 +44,7 @@ internal static partial SlhDsaImplementation ImportPublicKey(SlhDsaAlgorithm alg internal static partial SlhDsaImplementation ImportPkcs8PrivateKeyValue(SlhDsaAlgorithm algorithm, ReadOnlySpan source) => throw new PlatformNotSupportedException(); - internal static partial SlhDsaImplementation ImportSecretKey(SlhDsaAlgorithm algorithm, ReadOnlySpan source) => + internal static partial SlhDsaImplementation ImportPrivateKey(SlhDsaAlgorithm algorithm, ReadOnlySpan source) => throw new PlatformNotSupportedException(); } } diff --git a/src/libraries/Common/src/System/Security/Cryptography/SlhDsaImplementation.Windows.cs b/src/libraries/Common/src/System/Security/Cryptography/SlhDsaImplementation.Windows.cs index 5e4f3808ad3f67..ad5ffc5c95a03a 100644 --- a/src/libraries/Common/src/System/Security/Cryptography/SlhDsaImplementation.Windows.cs +++ b/src/libraries/Common/src/System/Security/Cryptography/SlhDsaImplementation.Windows.cs @@ -32,7 +32,7 @@ protected override bool VerifyPreHashCore(ReadOnlySpan hash, ReadOnlySpan< protected override void ExportSlhDsaPublicKeyCore(Span destination) => throw new PlatformNotSupportedException(); - protected override void ExportSlhDsaSecretKeyCore(Span destination) => + protected override void ExportSlhDsaPrivateKeyCore(Span destination) => throw new PlatformNotSupportedException(); protected override bool TryExportPkcs8PrivateKeyCore(Span destination, out int bytesWritten) => @@ -44,7 +44,7 @@ internal static partial SlhDsaImplementation ImportPublicKey(SlhDsaAlgorithm alg internal static partial SlhDsaImplementation ImportPkcs8PrivateKeyValue(SlhDsaAlgorithm algorithm, ReadOnlySpan source) => throw new PlatformNotSupportedException(); - internal static partial SlhDsaImplementation ImportSecretKey(SlhDsaAlgorithm algorithm, ReadOnlySpan source) => + internal static partial SlhDsaImplementation ImportPrivateKey(SlhDsaAlgorithm algorithm, ReadOnlySpan source) => throw new PlatformNotSupportedException(); } } diff --git a/src/libraries/Common/src/System/Security/Cryptography/SlhDsaImplementation.cs b/src/libraries/Common/src/System/Security/Cryptography/SlhDsaImplementation.cs index 3f655e57815a05..80b5c95ce9f1c8 100644 --- a/src/libraries/Common/src/System/Security/Cryptography/SlhDsaImplementation.cs +++ b/src/libraries/Common/src/System/Security/Cryptography/SlhDsaImplementation.cs @@ -14,7 +14,7 @@ internal sealed partial class SlhDsaImplementation : SlhDsa internal static partial SlhDsaImplementation GenerateKeyCore(SlhDsaAlgorithm algorithm); internal static partial SlhDsaImplementation ImportPublicKey(SlhDsaAlgorithm algorithm, ReadOnlySpan source); internal static partial SlhDsaImplementation ImportPkcs8PrivateKeyValue(SlhDsaAlgorithm algorithm, ReadOnlySpan source); - internal static partial SlhDsaImplementation ImportSecretKey(SlhDsaAlgorithm algorithm, ReadOnlySpan source); + internal static partial SlhDsaImplementation ImportPrivateKey(SlhDsaAlgorithm algorithm, ReadOnlySpan source); /// /// Duplicates an SLH-DSA private key by export/import. @@ -23,14 +23,14 @@ internal sealed partial class SlhDsaImplementation : SlhDsa internal static SlhDsaImplementation DuplicatePrivateKey(SlhDsa key) { Debug.Assert(key is not SlhDsaImplementation); - Debug.Assert(key.Algorithm.SecretKeySizeInBytes <= 128); + Debug.Assert(key.Algorithm.PrivateKeySizeInBytes <= 128); - Span secretKey = (stackalloc byte[128])[..key.Algorithm.SecretKeySizeInBytes]; - key.ExportSlhDsaSecretKey(secretKey); + Span secretKey = (stackalloc byte[128])[..key.Algorithm.PrivateKeySizeInBytes]; + key.ExportSlhDsaPrivateKey(secretKey); try { - return ImportSecretKey(key.Algorithm, secretKey); + return ImportPrivateKey(key.Algorithm, secretKey); } finally { diff --git a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/SlhDsa/SlhDsaAlgorithmTests.cs b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/SlhDsa/SlhDsaAlgorithmTests.cs index 41af4928a15405..1f2a43c78e4d40 100644 --- a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/SlhDsa/SlhDsaAlgorithmTests.cs +++ b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/SlhDsa/SlhDsaAlgorithmTests.cs @@ -16,73 +16,73 @@ public static void AlgorithmsHaveExpectedParameters() algorithm = SlhDsaAlgorithm.SlhDsaSha2_128s; Assert.Equal("SLH-DSA-SHA2-128s", algorithm.Name); Assert.Equal(32, algorithm.PublicKeySizeInBytes); - Assert.Equal(64, algorithm.SecretKeySizeInBytes); + Assert.Equal(64, algorithm.PrivateKeySizeInBytes); Assert.Equal(7856, algorithm.SignatureSizeInBytes); algorithm = SlhDsaAlgorithm.SlhDsaShake128s; Assert.Equal("SLH-DSA-SHAKE-128s", algorithm.Name); Assert.Equal(32, algorithm.PublicKeySizeInBytes); - Assert.Equal(64, algorithm.SecretKeySizeInBytes); + Assert.Equal(64, algorithm.PrivateKeySizeInBytes); Assert.Equal(7856, algorithm.SignatureSizeInBytes); algorithm = SlhDsaAlgorithm.SlhDsaSha2_128f; Assert.Equal("SLH-DSA-SHA2-128f", algorithm.Name); Assert.Equal(32, algorithm.PublicKeySizeInBytes); - Assert.Equal(64, algorithm.SecretKeySizeInBytes); + Assert.Equal(64, algorithm.PrivateKeySizeInBytes); Assert.Equal(17088, algorithm.SignatureSizeInBytes); algorithm = SlhDsaAlgorithm.SlhDsaShake128f; Assert.Equal("SLH-DSA-SHAKE-128f", algorithm.Name); Assert.Equal(32, algorithm.PublicKeySizeInBytes); - Assert.Equal(64, algorithm.SecretKeySizeInBytes); + Assert.Equal(64, algorithm.PrivateKeySizeInBytes); Assert.Equal(17088, algorithm.SignatureSizeInBytes); algorithm = SlhDsaAlgorithm.SlhDsaSha2_192s; Assert.Equal("SLH-DSA-SHA2-192s", algorithm.Name); Assert.Equal(48, algorithm.PublicKeySizeInBytes); - Assert.Equal(96, algorithm.SecretKeySizeInBytes); + Assert.Equal(96, algorithm.PrivateKeySizeInBytes); Assert.Equal(16224, algorithm.SignatureSizeInBytes); algorithm = SlhDsaAlgorithm.SlhDsaShake192s; Assert.Equal("SLH-DSA-SHAKE-192s", algorithm.Name); Assert.Equal(48, algorithm.PublicKeySizeInBytes); - Assert.Equal(96, algorithm.SecretKeySizeInBytes); + Assert.Equal(96, algorithm.PrivateKeySizeInBytes); Assert.Equal(16224, algorithm.SignatureSizeInBytes); algorithm = SlhDsaAlgorithm.SlhDsaSha2_192f; Assert.Equal("SLH-DSA-SHA2-192f", algorithm.Name); Assert.Equal(48, algorithm.PublicKeySizeInBytes); - Assert.Equal(96, algorithm.SecretKeySizeInBytes); + Assert.Equal(96, algorithm.PrivateKeySizeInBytes); Assert.Equal(35664, algorithm.SignatureSizeInBytes); algorithm = SlhDsaAlgorithm.SlhDsaShake192f; Assert.Equal("SLH-DSA-SHAKE-192f", algorithm.Name); Assert.Equal(48, algorithm.PublicKeySizeInBytes); - Assert.Equal(96, algorithm.SecretKeySizeInBytes); + Assert.Equal(96, algorithm.PrivateKeySizeInBytes); Assert.Equal(35664, algorithm.SignatureSizeInBytes); algorithm = SlhDsaAlgorithm.SlhDsaSha2_256s; Assert.Equal("SLH-DSA-SHA2-256s", algorithm.Name); Assert.Equal(64, algorithm.PublicKeySizeInBytes); - Assert.Equal(128, algorithm.SecretKeySizeInBytes); + Assert.Equal(128, algorithm.PrivateKeySizeInBytes); Assert.Equal(29792, algorithm.SignatureSizeInBytes); algorithm = SlhDsaAlgorithm.SlhDsaShake256s; Assert.Equal("SLH-DSA-SHAKE-256s", algorithm.Name); Assert.Equal(64, algorithm.PublicKeySizeInBytes); - Assert.Equal(128, algorithm.SecretKeySizeInBytes); + Assert.Equal(128, algorithm.PrivateKeySizeInBytes); Assert.Equal(29792, algorithm.SignatureSizeInBytes); algorithm = SlhDsaAlgorithm.SlhDsaSha2_256f; Assert.Equal("SLH-DSA-SHA2-256f", algorithm.Name); Assert.Equal(64, algorithm.PublicKeySizeInBytes); - Assert.Equal(128, algorithm.SecretKeySizeInBytes); + Assert.Equal(128, algorithm.PrivateKeySizeInBytes); Assert.Equal(49856, algorithm.SignatureSizeInBytes); algorithm = SlhDsaAlgorithm.SlhDsaShake256f; Assert.Equal("SLH-DSA-SHAKE-256f", algorithm.Name); Assert.Equal(64, algorithm.PublicKeySizeInBytes); - Assert.Equal(128, algorithm.SecretKeySizeInBytes); + Assert.Equal(128, algorithm.PrivateKeySizeInBytes); Assert.Equal(49856, algorithm.SignatureSizeInBytes); } diff --git a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/SlhDsa/SlhDsaContractTests.cs b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/SlhDsa/SlhDsaContractTests.cs index b08e714da27bd9..e01600c613b0e8 100644 --- a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/SlhDsa/SlhDsaContractTests.cs +++ b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/SlhDsa/SlhDsaContractTests.cs @@ -73,7 +73,7 @@ public static void ArgumentValidation(SlhDsaAlgorithm algorithm, bool shouldDisp using SlhDsa slhDsa = SlhDsaMockImplementation.Create(algorithm); int publicKeySize = algorithm.PublicKeySizeInBytes; - int secretKeySize = algorithm.SecretKeySizeInBytes; + int privateKeySize = algorithm.PrivateKeySizeInBytes; int signatureSize = algorithm.SignatureSizeInBytes; if (shouldDispose) @@ -84,8 +84,8 @@ public static void ArgumentValidation(SlhDsaAlgorithm algorithm, bool shouldDisp AssertExtensions.Throws("destination", () => slhDsa.ExportSlhDsaPublicKey(new byte[publicKeySize - 1])); AssertExtensions.Throws("destination", () => slhDsa.ExportSlhDsaPublicKey(new byte[publicKeySize + 1])); - AssertExtensions.Throws("destination", () => slhDsa.ExportSlhDsaSecretKey(new byte[secretKeySize - 1])); - AssertExtensions.Throws("destination", () => slhDsa.ExportSlhDsaSecretKey(new byte[secretKeySize + 1])); + AssertExtensions.Throws("destination", () => slhDsa.ExportSlhDsaPrivateKey(new byte[privateKeySize - 1])); + AssertExtensions.Throws("destination", () => slhDsa.ExportSlhDsaPrivateKey(new byte[privateKeySize + 1])); AssertExtensions.Throws("destination", () => slhDsa.SignData(ReadOnlySpan.Empty, new byte[signatureSize - 1], ReadOnlySpan.Empty)); AssertExtensions.Throws("destination", () => slhDsa.SignData(ReadOnlySpan.Empty, new byte[signatureSize + 1], ReadOnlySpan.Empty)); AssertExtensions.Throws("destination", () => slhDsa.SignPreHash(ReadOnlySpan.Empty, new byte[signatureSize - 1], "", ReadOnlySpan.Empty)); @@ -275,30 +275,30 @@ public static void ExportSlhDsaPublicKey_CallsCore(SlhDsaAlgorithm algorithm) [Theory] [MemberData(nameof(SlhDsaTestData.AlgorithmsData), MemberType = typeof(SlhDsaTestData))] - public static void ExportSlhDsaSecretKey_CallsCore(SlhDsaAlgorithm algorithm) + public static void ExportSlhDsaPrivateKey_CallsCore(SlhDsaAlgorithm algorithm) { using SlhDsaMockImplementation slhDsa = SlhDsaMockImplementation.Create(algorithm); - slhDsa.ExportSlhDsaSecretKeyCoreHook = _ => { }; + slhDsa.ExportSlhDsaPrivateKeyCoreHook = _ => { }; slhDsa.AddFillDestination(1); - int secretKeySize = algorithm.SecretKeySizeInBytes; + int privateKeySize = algorithm.PrivateKeySizeInBytes; // Array overload - byte[] exported = slhDsa.ExportSlhDsaSecretKey(); - Assert.Equal(1, slhDsa.ExportSlhDsaSecretKeyCoreCallCount); - Assert.Equal(secretKeySize, exported.Length); + byte[] exported = slhDsa.ExportSlhDsaPrivateKey(); + Assert.Equal(1, slhDsa.ExportSlhDsaPrivateKeyCoreCallCount); + Assert.Equal(privateKeySize, exported.Length); AssertExpectedFill(exported, fillElement: 1); // Span overload - byte[] secretKey = CreatePaddedFilledArray(secretKeySize, 42); + byte[] privateKey = CreatePaddedFilledArray(privateKeySize, 42); // Extra bytes in destination buffer should not be touched - Memory destination = secretKey.AsMemory(PaddingSize, secretKeySize); + Memory destination = privateKey.AsMemory(PaddingSize, privateKeySize); slhDsa.AddDestinationBufferIsSameAssertion(destination); - slhDsa.ExportSlhDsaSecretKey(destination.Span); - Assert.Equal(2, slhDsa.ExportSlhDsaSecretKeyCoreCallCount); - AssertExpectedFill(secretKey, fillElement: 1, paddingElement: 42, PaddingSize, secretKeySize); + slhDsa.ExportSlhDsaPrivateKey(destination.Span); + Assert.Equal(2, slhDsa.ExportSlhDsaPrivateKeyCoreCallCount); + AssertExpectedFill(privateKey, fillElement: 1, paddingElement: 42, PaddingSize, privateKeySize); } [Theory] @@ -558,31 +558,31 @@ public static void Dispose_CallsVirtual(SlhDsaAlgorithm algorithm) [Theory] [MemberData(nameof(SlhDsaTestData.AlgorithmsData), MemberType = typeof(SlhDsaTestData))] - public static void ExportPkcs8PrivateKey_CallsExportSlhDsaSecretKey(SlhDsaAlgorithm algorithm) + public static void ExportPkcs8PrivateKey_CallsExportSlhDsaPrivateKey(SlhDsaAlgorithm algorithm) { SlhDsaTestHelpers.AssertExportPkcs8PrivateKey(export => { using SlhDsaMockImplementation slhDsa = SlhDsaMockImplementation.Create(algorithm); - slhDsa.ExportSlhDsaSecretKeyCoreHook = _ => { }; + slhDsa.ExportSlhDsaPrivateKeyCoreHook = _ => { }; slhDsa.AddLengthAssertion(); slhDsa.AddFillDestination(1); // SlhDsaMockImplementation overrides TryExportPkcs8PrivateKeyCore with a stub. In order to replicate the // non-overridden behavior, we will replace the stub with a call to base.TryExportPkcs8PrivateKeyCore. - // We can then assert that base.TryExportPkcs8PrivateKeyCore calls ExportSlhDsaSecretKeyCore as expected. + // We can then assert that base.TryExportPkcs8PrivateKeyCore calls ExportSlhDsaPrivateKeyCore as expected. slhDsa.TryExportPkcs8PrivateKeyCoreHook = slhDsa.BaseTryExportPkcs8PrivateKeyCore; // Invoke the export byte[] exported = export(slhDsa); // Assert that the core methods were called - AssertExtensions.GreaterThan(slhDsa.ExportSlhDsaSecretKeyCoreCallCount, 0); + AssertExtensions.GreaterThan(slhDsa.ExportSlhDsaPrivateKeyCoreCallCount, 0); AssertExtensions.GreaterThan(slhDsa.TryExportPkcs8PrivateKeyCoreCallCount, 0); // And check the returned data PrivateKeyInfoAsn exportedPkcs8 = PrivateKeyInfoAsn.Decode(exported, AsnEncodingRules.DER); - AssertExtensions.SequenceEqual(CreateFilledArray(algorithm.SecretKeySizeInBytes, 1), exportedPkcs8.PrivateKey.Span); + AssertExtensions.SequenceEqual(CreateFilledArray(algorithm.PrivateKeySizeInBytes, 1), exportedPkcs8.PrivateKey.Span); Assert.Equal(0, exportedPkcs8.Version); Assert.Equal(SlhDsaTestHelpers.AlgorithmToOid(algorithm), exportedPkcs8.PrivateKeyAlgorithm.Algorithm); AssertExtensions.FalseExpression(exportedPkcs8.PrivateKeyAlgorithm.Parameters.HasValue); @@ -592,9 +592,9 @@ public static void ExportPkcs8PrivateKey_CallsExportSlhDsaSecretKey(SlhDsaAlgori [Theory] [MemberData(nameof(SlhDsaTestData.AlgorithmsData), MemberType = typeof(SlhDsaTestData))] - public static void ExportPkcs8PrivateKey_DoesNotCallExportSlhDsaSecretKey(SlhDsaAlgorithm algorithm) + public static void ExportPkcs8PrivateKey_DoesNotCallExportSlhDsaPrivateKey(SlhDsaAlgorithm algorithm) { - byte[] secretKeyBytes = CreateFilledArray(algorithm.SecretKeySizeInBytes, 42); + byte[] privateKeyBytes = CreateFilledArray(algorithm.PrivateKeySizeInBytes, 42); PrivateKeyInfoAsn pkcs8 = new PrivateKeyInfoAsn { PrivateKeyAlgorithm = new AlgorithmIdentifierAsn @@ -602,7 +602,7 @@ public static void ExportPkcs8PrivateKey_DoesNotCallExportSlhDsaSecretKey(SlhDsa Algorithm = SlhDsaTestHelpers.AlgorithmToOid(algorithm), Parameters = null, }, - PrivateKey = secretKeyBytes, + PrivateKey = privateKeyBytes, }; byte[] minimalEncoding = pkcs8.Encode(); @@ -628,8 +628,8 @@ public static void ExportPkcs8PrivateKey_DoesNotCallExportSlhDsaSecretKey(SlhDsa byte[] exported = export(slhDsa); - // Assert that the PKCS#8 private key is NOT generated with the secret key but from our test callback - Assert.Equal(0, slhDsa.ExportSlhDsaSecretKeyCoreCallCount); + // Assert that the PKCS#8 private key is NOT generated with the private key but from our test callback + Assert.Equal(0, slhDsa.ExportSlhDsaPrivateKeyCoreCallCount); AssertExtensions.GreaterThan(slhDsa.TryExportPkcs8PrivateKeyCoreCallCount, 0); PrivateKeyInfoAsn exportedPkcs8 = PrivateKeyInfoAsn.Decode(exported, AsnEncodingRules.DER); @@ -689,18 +689,18 @@ public static void ExportEncryptedPkcs8PrivateKey_CallsExportSlhDsaPrivateKey(Sl { using SlhDsaMockImplementation slhDsa = SlhDsaMockImplementation.Create(algorithm); - slhDsa.ExportSlhDsaSecretKeyCoreHook = _ => { }; + slhDsa.ExportSlhDsaPrivateKeyCoreHook = _ => { }; slhDsa.AddLengthAssertion(); slhDsa.AddFillDestination(1); // SlhDsaMockImplementation overrides TryExportPkcs8PrivateKeyCore with a stub. In order to replicate the // non-overridden behavior, we will replace the stub with a call to base.TryExportPkcs8PrivateKeyCore. - // We can then assert that base.TryExportPkcs8PrivateKeyCore calls ExportSlhDsaSecretKeyCore as expected. + // We can then assert that base.TryExportPkcs8PrivateKeyCore calls ExportSlhDsaPrivateKeyCore as expected. slhDsa.TryExportPkcs8PrivateKeyCoreHook = slhDsa.BaseTryExportPkcs8PrivateKeyCore; byte[] exported = export(slhDsa, "PLACEHOLDER", pbeParameters); - AssertExtensions.GreaterThan(slhDsa.ExportSlhDsaSecretKeyCoreCallCount, 0); + AssertExtensions.GreaterThan(slhDsa.ExportSlhDsaPrivateKeyCoreCallCount, 0); AssertExtensions.GreaterThan(slhDsa.TryExportPkcs8PrivateKeyCoreCallCount, 0); EncryptedPrivateKeyInfoAsn epki = EncryptedPrivateKeyInfoAsn.Decode(exported, AsnEncodingRules.BER); @@ -715,16 +715,16 @@ public static void ExportEncryptedPkcs8PrivateKey_CallsExportSlhDsaPrivateKey(Sl public static void TryExportPkcs8PrivateKey_DestinationTooSmall(SlhDsaAlgorithm algorithm) { const int MinimumOverhead = 12; - int lengthCutoff = algorithm.SecretKeySizeInBytes + MinimumOverhead; + int lengthCutoff = algorithm.PrivateKeySizeInBytes + MinimumOverhead; // First check that the length cutoff is enforced using SlhDsaMockImplementation slhDsa = SlhDsaMockImplementation.Create(algorithm); - byte[] secretKey = new byte[lengthCutoff]; + byte[] privateKey = new byte[lengthCutoff]; // Early heuristic based bailout so no core methods are called AssertExtensions.FalseExpression( - slhDsa.TryExportPkcs8PrivateKey(secretKey.AsSpan(0, lengthCutoff - 1), out int bytesWritten)); + slhDsa.TryExportPkcs8PrivateKey(privateKey.AsSpan(0, lengthCutoff - 1), out int bytesWritten)); Assert.Equal(0, bytesWritten); // No bailout case: set up the core method @@ -734,8 +734,8 @@ public static void TryExportPkcs8PrivateKey_DestinationTooSmall(SlhDsaAlgorithm return true; }; - AssertExtensions.TrueExpression(slhDsa.TryExportPkcs8PrivateKey(secretKey, out bytesWritten)); - Assert.Equal(secretKey.Length, bytesWritten); + AssertExtensions.TrueExpression(slhDsa.TryExportPkcs8PrivateKey(privateKey, out bytesWritten)); + Assert.Equal(privateKey.Length, bytesWritten); // Now check that the length cutoff permits a minimal encoding // Build the minimal encoding: @@ -749,7 +749,7 @@ public static void TryExportPkcs8PrivateKey_DestinationTooSmall(SlhDsaAlgorithm writer.WriteObjectIdentifier(SlhDsaTestHelpers.AlgorithmToOid(algorithm)); } - writer.WriteOctetString(new byte[algorithm.SecretKeySizeInBytes]); + writer.WriteOctetString(new byte[algorithm.PrivateKeySizeInBytes]); } byte[] encodedMetadata = writer.Encode(); @@ -764,7 +764,7 @@ public static void ExportPkcs8PrivateKey_DestinationInitialSize(SlhDsaAlgorithm { using SlhDsaMockImplementation slhDsa = SlhDsaMockImplementation.Create(algorithm); - byte[] secretKeyBytes = CreateFilledArray(algorithm.SecretKeySizeInBytes, 42); + byte[] privateKeyBytes = CreateFilledArray(algorithm.PrivateKeySizeInBytes, 42); PrivateKeyInfoAsn pkcs8 = new PrivateKeyInfoAsn { PrivateKeyAlgorithm = new AlgorithmIdentifierAsn @@ -772,7 +772,7 @@ public static void ExportPkcs8PrivateKey_DestinationInitialSize(SlhDsaAlgorithm Algorithm = SlhDsaTestHelpers.AlgorithmToOid(SlhDsaAlgorithm.SlhDsaSha2_128s), Parameters = null, }, - PrivateKey = secretKeyBytes, + PrivateKey = privateKeyBytes, }; byte[] minimalEncoding = pkcs8.Encode(); @@ -808,7 +808,7 @@ public static void ExportPkcs8PrivateKey_Resizes(SlhDsaAlgorithm algorithm) { using SlhDsaMockImplementation slhDsa = SlhDsaMockImplementation.Create(algorithm); - byte[] secretKeyBytes = CreateFilledArray(algorithm.SecretKeySizeInBytes, 42); + byte[] privateKeyBytes = CreateFilledArray(algorithm.PrivateKeySizeInBytes, 42); PrivateKeyInfoAsn pkcs8 = new PrivateKeyInfoAsn { PrivateKeyAlgorithm = new AlgorithmIdentifierAsn @@ -816,7 +816,7 @@ public static void ExportPkcs8PrivateKey_Resizes(SlhDsaAlgorithm algorithm) Algorithm = SlhDsaTestHelpers.AlgorithmToOid(SlhDsaAlgorithm.SlhDsaSha2_128s), Parameters = null, }, - PrivateKey = secretKeyBytes, + PrivateKey = privateKeyBytes, }; byte[] minimalEncoding = pkcs8.Encode(); diff --git a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/SlhDsa/SlhDsaFactoryTests.cs b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/SlhDsa/SlhDsaFactoryTests.cs index ab0dbf48b12b59..6544bc64fff92c 100644 --- a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/SlhDsa/SlhDsaFactoryTests.cs +++ b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/SlhDsa/SlhDsaFactoryTests.cs @@ -16,7 +16,7 @@ public static void NullArgumentValidation() { AssertExtensions.Throws("algorithm", static () => SlhDsa.GenerateKey(null)); AssertExtensions.Throws("algorithm", static () => SlhDsa.ImportSlhDsaPublicKey(null, [])); - AssertExtensions.Throws("algorithm", static () => SlhDsa.ImportSlhDsaSecretKey(null, [])); + AssertExtensions.Throws("algorithm", static () => SlhDsa.ImportSlhDsaPrivateKey(null, [])); AssertExtensions.Throws("source", static () => SlhDsa.ImportEncryptedPkcs8PrivateKey(string.Empty, (byte[])null)); AssertExtensions.Throws("source", static () => SlhDsa.ImportFromEncryptedPem((string)null, string.Empty)); @@ -24,7 +24,7 @@ public static void NullArgumentValidation() AssertExtensions.Throws("source", static () => SlhDsa.ImportFromPem(null)); AssertExtensions.Throws("source", static () => SlhDsa.ImportPkcs8PrivateKey(null)); AssertExtensions.Throws("source", static () => SlhDsa.ImportSlhDsaPublicKey(SlhDsaAlgorithm.SlhDsaSha2_128f, null)); - AssertExtensions.Throws("source", static () => SlhDsa.ImportSlhDsaSecretKey(SlhDsaAlgorithm.SlhDsaSha2_128f, null)); + AssertExtensions.Throws("source", static () => SlhDsa.ImportSlhDsaPrivateKey(SlhDsaAlgorithm.SlhDsaSha2_128f, null)); AssertExtensions.Throws("source", static () => SlhDsa.ImportSubjectPublicKeyInfo(null)); AssertExtensions.Throws("password", static () => SlhDsa.ImportEncryptedPkcs8PrivateKey((string)null, Array.Empty())); @@ -38,7 +38,7 @@ public static void NullArgumentValidation() public static void ArgumentValidation_WrongKeySizeForAlgorithm(SlhDsaAlgorithm algorithm) { int publicKeySize = algorithm.PublicKeySizeInBytes; - int secretKeySize = algorithm.SecretKeySizeInBytes; + int privateKeySize = algorithm.PrivateKeySizeInBytes; // SLH-DSA key size is wrong when importing algorithm key. Throw an argument exception. Action> assertDirectImport = import => AssertExtensions.Throws("source", import); @@ -51,9 +51,9 @@ public static void ArgumentValidation_WrongKeySizeForAlgorithm(SlhDsaAlgorithm a SlhDsaTestHelpers.AssertImportPublicKey(assertDirectImport, assertEmbeddedImport, algorithm, new byte[publicKeySize - 1]); SlhDsaTestHelpers.AssertImportPublicKey(assertDirectImport, assertEmbeddedImport, algorithm, new byte[0]); - SlhDsaTestHelpers.AssertImportSecretKey(assertDirectImport, assertEmbeddedImport, algorithm, new byte[secretKeySize + 1]); - SlhDsaTestHelpers.AssertImportSecretKey(assertDirectImport, assertEmbeddedImport, algorithm, new byte[secretKeySize - 1]); - SlhDsaTestHelpers.AssertImportSecretKey(assertDirectImport, assertEmbeddedImport, algorithm, new byte[0]); + SlhDsaTestHelpers.AssertImportPrivateKey(assertDirectImport, assertEmbeddedImport, algorithm, new byte[privateKeySize + 1]); + SlhDsaTestHelpers.AssertImportPrivateKey(assertDirectImport, assertEmbeddedImport, algorithm, new byte[privateKeySize - 1]); + SlhDsaTestHelpers.AssertImportPrivateKey(assertDirectImport, assertEmbeddedImport, algorithm, new byte[0]); } [Fact] @@ -179,7 +179,7 @@ public static void ImportPkcs8PrivateKey_AlgorithmErrorsInAsn() Algorithm = SlhDsaTestHelpers.AlgorithmToOid(SlhDsaAlgorithm.SlhDsaSha2_128s), Parameters = SlhDsaTestHelpers.s_derBitStringFoo, // <-- Invalid }, - PrivateKey = new byte[SlhDsaAlgorithm.SlhDsaSha2_128s.SecretKeySizeInBytes] + PrivateKey = new byte[SlhDsaAlgorithm.SlhDsaSha2_128s.PrivateKeySizeInBytes] }; SlhDsaTestHelpers.AssertImportPkcs8PrivateKey( @@ -253,9 +253,9 @@ public static void AlgorithmMatches_GenerateKey(SlhDsaAlgorithm algorithm) AssertThrowIfNotSupported(() => Assert.Equal(algorithm, import().Algorithm)), algorithm, new byte[algorithm.PublicKeySizeInBytes]); - SlhDsaTestHelpers.AssertImportSecretKey(import => + SlhDsaTestHelpers.AssertImportPrivateKey(import => AssertThrowIfNotSupported(() => - Assert.Equal(algorithm, import().Algorithm)), algorithm, new byte[algorithm.SecretKeySizeInBytes]); + Assert.Equal(algorithm, import().Algorithm)), algorithm, new byte[algorithm.PrivateKeySizeInBytes]); } /// diff --git a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/SlhDsa/SlhDsaImplementationTests.cs b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/SlhDsa/SlhDsaImplementationTests.cs index defda3c6df049b..1994994012978e 100644 --- a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/SlhDsa/SlhDsaImplementationTests.cs +++ b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/SlhDsa/SlhDsaImplementationTests.cs @@ -28,9 +28,9 @@ public static void SlhDsaIsOnlyPublicAncestor_Import(SlhDsaTestData.SlhDsaGenera SlhDsaTestHelpers.AssertImportPublicKey( AssertSlhDsaIsOnlyPublicAncestor, info.Algorithm, info.PublicKey); - // Tests ImportSecretKey, ImportPKCS8PrivateKey, ImportPem (with PRIVATE KEY) - SlhDsaTestHelpers.AssertImportSecretKey( - AssertSlhDsaIsOnlyPublicAncestor, info.Algorithm, info.SecretKey); + // Tests ImportPrivateKey, ImportPKCS8PrivateKey, ImportPem (with PRIVATE KEY) + SlhDsaTestHelpers.AssertImportPrivateKey( + AssertSlhDsaIsOnlyPublicAncestor, info.Algorithm, info.PrivateKey); // Tests ImportEncryptedPKCS8PrivateKey, ImportEncryptedPem (with ENCRYPTED PRIVATE KEY) SlhDsaTestHelpers.AssertImportEncryptedPkcs8PrivateKey(import => @@ -71,32 +71,32 @@ public void RoundTrip_Export_Import_PublicKey(SlhDsaAlgorithm algorithm) // Verify the roundtripped object has the same key Assert.Equal(algorithm, roundTrippedSlhDsa.Algorithm); AssertExtensions.SequenceEqual(slhDsa.ExportSlhDsaPublicKey(), roundTrippedSlhDsa.ExportSlhDsaPublicKey()); - Assert.Throws(() => roundTrippedSlhDsa.ExportSlhDsaSecretKey()); + Assert.Throws(() => roundTrippedSlhDsa.ExportSlhDsaPrivateKey()); }, algorithm, exportedPublicKey); }); } [Theory] [MemberData(nameof(SlhDsaTestData.AlgorithmsData), MemberType = typeof(SlhDsaTestData))] - public void RoundTrip_Export_Import_SecretKey(SlhDsaAlgorithm algorithm) + public void RoundTrip_Export_Import_PrivateKey(SlhDsaAlgorithm algorithm) { // Generate new key using SlhDsa slhDsa = GenerateKey(algorithm); - SlhDsaTestHelpers.AssertExportSlhDsaSecretKey(export => + SlhDsaTestHelpers.AssertExportSlhDsaPrivateKey(export => { - // Roundtrip using secret key. First export it. - byte[] exportedSecretKey = export(slhDsa); - SlhDsaTestHelpers.AssertImportSecretKey(import => + // Roundtrip using private key. First export it. + byte[] exportedPrivateKey = export(slhDsa); + SlhDsaTestHelpers.AssertImportPrivateKey(import => { // Then import it. using SlhDsa roundTrippedSlhDsa = import(); // Verify the roundtripped object has the same key Assert.Equal(algorithm, roundTrippedSlhDsa.Algorithm); - AssertExtensions.SequenceEqual(slhDsa.ExportSlhDsaSecretKey(), roundTrippedSlhDsa.ExportSlhDsaSecretKey()); + AssertExtensions.SequenceEqual(slhDsa.ExportSlhDsaPrivateKey(), roundTrippedSlhDsa.ExportSlhDsaPrivateKey()); AssertExtensions.SequenceEqual(slhDsa.ExportSlhDsaPublicKey(), roundTrippedSlhDsa.ExportSlhDsaPublicKey()); - }, algorithm, exportedSecretKey); + }, algorithm, exportedPrivateKey); }); } @@ -106,7 +106,7 @@ public void RoundTrip_Export_Import_Pkcs8PrivateKey(SlhDsaAlgorithm algorithm) { // Generate new key using SlhDsa slhDsa = GenerateKey(algorithm); - byte[] secretKey = slhDsa.ExportSlhDsaSecretKey(); + byte[] privateKey = slhDsa.ExportSlhDsaPrivateKey(); byte[] publicKey = slhDsa.ExportSlhDsaPublicKey(); SlhDsaTestHelpers.AssertExportPkcs8PrivateKey(export => @@ -118,7 +118,7 @@ public void RoundTrip_Export_Import_Pkcs8PrivateKey(SlhDsaAlgorithm algorithm) // The keys should be the same Assert.Equal(algorithm, roundTrippedSlhDsa.Algorithm); AssertExtensions.SequenceEqual(publicKey, roundTrippedSlhDsa.ExportSlhDsaPublicKey()); - AssertExtensions.SequenceEqual(secretKey, roundTrippedSlhDsa.ExportSlhDsaSecretKey()); + AssertExtensions.SequenceEqual(privateKey, roundTrippedSlhDsa.ExportSlhDsaPrivateKey()); })); } @@ -129,7 +129,7 @@ public void RoundTrip_Export_Import_SPKI(SlhDsaAlgorithm algorithm) // Generate new key using SlhDsa slhDsa = GenerateKey(algorithm); byte[] publicKey = slhDsa.ExportSlhDsaPublicKey(); - byte[] secretKey = slhDsa.ExportSlhDsaSecretKey(); + byte[] privateKey = slhDsa.ExportSlhDsaPrivateKey(); SlhDsaTestHelpers.AssertExportPkcs8PrivateKey(export => SlhDsaTestHelpers.AssertImportPkcs8PrivateKey(import => @@ -140,7 +140,7 @@ public void RoundTrip_Export_Import_SPKI(SlhDsaAlgorithm algorithm) // The keys should be the same Assert.Equal(algorithm, roundTrippedSlhDsa.Algorithm); AssertExtensions.SequenceEqual(publicKey, roundTrippedSlhDsa.ExportSlhDsaPublicKey()); - AssertExtensions.SequenceEqual(secretKey, roundTrippedSlhDsa.ExportSlhDsaSecretKey()); + AssertExtensions.SequenceEqual(privateKey, roundTrippedSlhDsa.ExportSlhDsaPrivateKey()); })); } @@ -150,7 +150,7 @@ public void RoundTrip_Export_Import_EncryptedPkcs8PrivateKey(SlhDsaAlgorithm alg { // Generate new key using SlhDsa slhDsa = GenerateKey(algorithm); - byte[] secretKey = slhDsa.ExportSlhDsaSecretKey(); + byte[] privateKey = slhDsa.ExportSlhDsaPrivateKey(); byte[] publicKey = slhDsa.ExportSlhDsaPublicKey(); PbeParameters pbeParameters = new PbeParameters(PbeEncryptionAlgorithm.Aes128Cbc, HashAlgorithmName.SHA1, 1); @@ -163,7 +163,7 @@ public void RoundTrip_Export_Import_EncryptedPkcs8PrivateKey(SlhDsaAlgorithm alg // The keys should be the same Assert.Equal(algorithm, roundTrippedSlhDsa.Algorithm); - AssertExtensions.SequenceEqual(secretKey, roundTrippedSlhDsa.ExportSlhDsaSecretKey()); + AssertExtensions.SequenceEqual(privateKey, roundTrippedSlhDsa.ExportSlhDsaPrivateKey()); AssertExtensions.SequenceEqual(publicKey, roundTrippedSlhDsa.ExportSlhDsaPublicKey()); })); } @@ -174,7 +174,7 @@ public void RoundTrip_Export_Import_Pkcs8PrivateKeyPem(SlhDsaAlgorithm algorithm { // Generate new key using SlhDsa slhDsa = GenerateKey(algorithm); - byte[] secretKey = slhDsa.ExportSlhDsaSecretKey(); + byte[] privateKey = slhDsa.ExportSlhDsaPrivateKey(); byte[] publicKey = slhDsa.ExportSlhDsaPublicKey(); SlhDsaTestHelpers.AssertExportToPrivateKeyPem(export => @@ -185,7 +185,7 @@ public void RoundTrip_Export_Import_Pkcs8PrivateKeyPem(SlhDsaAlgorithm algorithm // The keys should be the same Assert.Equal(algorithm, roundTrippedSlhDsa.Algorithm); - AssertExtensions.SequenceEqual(secretKey, roundTrippedSlhDsa.ExportSlhDsaSecretKey()); + AssertExtensions.SequenceEqual(privateKey, roundTrippedSlhDsa.ExportSlhDsaPrivateKey()); AssertExtensions.SequenceEqual(publicKey, roundTrippedSlhDsa.ExportSlhDsaPublicKey()); })); } @@ -196,7 +196,7 @@ public void RoundTrip_Export_Import_SPKIPem(SlhDsaAlgorithm algorithm) { // Generate new key using SlhDsa slhDsa = GenerateKey(algorithm); - byte[] secretKey = slhDsa.ExportSlhDsaSecretKey(); + byte[] privateKey = slhDsa.ExportSlhDsaPrivateKey(); byte[] publicKey = slhDsa.ExportSlhDsaPublicKey(); SlhDsaTestHelpers.AssertExportToPublicKeyPem(export => @@ -208,7 +208,7 @@ public void RoundTrip_Export_Import_SPKIPem(SlhDsaAlgorithm algorithm) // The keys should be the same Assert.Equal(algorithm, roundTrippedSlhDsa.Algorithm); AssertExtensions.SequenceEqual(publicKey, roundTrippedSlhDsa.ExportSlhDsaPublicKey()); - Assert.Throws(() => roundTrippedSlhDsa.ExportSlhDsaSecretKey()); + Assert.Throws(() => roundTrippedSlhDsa.ExportSlhDsaPrivateKey()); })); } @@ -218,7 +218,7 @@ public void RoundTrip_Export_Import_EncryptedPkcs8PrivateKeyPem(SlhDsaAlgorithm { // Generate new key using SlhDsa slhDsa = GenerateKey(algorithm); - byte[] secretKey = slhDsa.ExportSlhDsaSecretKey(); + byte[] privateKey = slhDsa.ExportSlhDsaPrivateKey(); byte[] publicKey = slhDsa.ExportSlhDsaPublicKey(); PbeParameters pbeParameters = new PbeParameters(PbeEncryptionAlgorithm.Aes128Cbc, HashAlgorithmName.SHA1, 1); @@ -231,7 +231,7 @@ public void RoundTrip_Export_Import_EncryptedPkcs8PrivateKeyPem(SlhDsaAlgorithm // The keys should be the same Assert.Equal(algorithm, roundTrippedSlhDsa.Algorithm); - AssertExtensions.SequenceEqual(secretKey, roundTrippedSlhDsa.ExportSlhDsaSecretKey()); + AssertExtensions.SequenceEqual(privateKey, roundTrippedSlhDsa.ExportSlhDsaPrivateKey()); AssertExtensions.SequenceEqual(publicKey, roundTrippedSlhDsa.ExportSlhDsaPublicKey()); })); } @@ -256,12 +256,12 @@ public void RoundTrip_Import_Export_PublicKey(SlhDsaTestData.SlhDsaGeneratedKeyI [MemberData(nameof(SlhDsaTestData.GeneratedKeyInfosData), MemberType = typeof(SlhDsaTestData))] public void RoundTrip_Import_Export_PrivateKey(SlhDsaTestData.SlhDsaGeneratedKeyInfo info) { - SlhDsaTestHelpers.AssertImportSecretKey(import => - SlhDsaTestHelpers.AssertExportSlhDsaSecretKey(export => + SlhDsaTestHelpers.AssertImportPrivateKey(import => + SlhDsaTestHelpers.AssertExportSlhDsaPrivateKey(export => SlhDsaTestHelpers.WithDispose(import(), slhDsa => - AssertExtensions.SequenceEqual(info.SecretKey, export(slhDsa)))), + AssertExtensions.SequenceEqual(info.PrivateKey, export(slhDsa)))), info.Algorithm, - info.SecretKey); + info.PrivateKey); } [Theory] @@ -314,8 +314,8 @@ public static void ImportPkcs8PrivateKeyIetf() using SlhDsa slhDsa = SlhDsa.ImportPkcs8PrivateKey(SlhDsaTestData.IetfSlhDsaSha2_128sPrivateKeyPkcs8); Assert.Equal(SlhDsaAlgorithm.SlhDsaSha2_128s, slhDsa.Algorithm); - byte[] secretKey = slhDsa.ExportSlhDsaSecretKey(); - AssertExtensions.SequenceEqual(SlhDsaTestData.IetfSlhDsaSha2_128sPrivateKeyValue, secretKey); + byte[] privateKey = slhDsa.ExportSlhDsaPrivateKey(); + AssertExtensions.SequenceEqual(SlhDsaTestData.IetfSlhDsaSha2_128sPrivateKeyValue, privateKey); } [Fact] @@ -335,8 +335,8 @@ public static void ImportPemPrivateKeyIetf() using SlhDsa slhDsa = SlhDsa.ImportFromPem(pem); Assert.Equal(SlhDsaAlgorithm.SlhDsaSha2_128s, slhDsa.Algorithm); - byte[] secretKey = slhDsa.ExportSlhDsaSecretKey(); - AssertExtensions.SequenceEqual(SlhDsaTestData.IetfSlhDsaSha2_128sPrivateKeyValue, secretKey); + byte[] privateKey = slhDsa.ExportSlhDsaPrivateKey(); + AssertExtensions.SequenceEqual(SlhDsaTestData.IetfSlhDsaSha2_128sPrivateKeyValue, privateKey); } [Fact] @@ -365,7 +365,7 @@ public void NistKeyGenerationTest(SlhDsaTestData.SlhDsaKeyGenTestVector vector) byte[] skPrf = vector.SecretKeyPrf; byte[] pkSeed = vector.PublicKeySeed; - byte[] sk = vector.SecretKey; + byte[] sk = vector.PrivateKey; byte[] pk = vector.PublicKey; // Sanity test for input vectors: SLH-DSA keys are composed of skSeed, skPrf and pkSeed @@ -374,14 +374,14 @@ public void NistKeyGenerationTest(SlhDsaTestData.SlhDsaKeyGenTestVector vector) AssertExtensions.SequenceEqual(pkSeed.AsSpan(), sk.AsSpan(skSeed.Length + skPrf.Length, pkSeed.Length)); AssertExtensions.SequenceEqual(pkSeed.AsSpan(), pk.AsSpan(0, pkSeed.Length)); - // Import secret key and verify exports - using (SlhDsa secretSlhDsa = ImportSlhDsaSecretKey(vector.Algorithm, sk)) + // Import private key and verify exports + using (SlhDsa privateSlhDsa = ImportSlhDsaPrivateKey(vector.Algorithm, sk)) { - byte[] pubKey = secretSlhDsa.ExportSlhDsaPublicKey(); + byte[] pubKey = privateSlhDsa.ExportSlhDsaPublicKey(); AssertExtensions.SequenceEqual(pk, pubKey); - byte[] secretKey = secretSlhDsa.ExportSlhDsaSecretKey(); - AssertExtensions.SequenceEqual(sk, secretKey); + byte[] privateKey = privateSlhDsa.ExportSlhDsaPrivateKey(); + AssertExtensions.SequenceEqual(sk, privateKey); } // Import public key and verify exports @@ -390,8 +390,8 @@ public void NistKeyGenerationTest(SlhDsaTestData.SlhDsaKeyGenTestVector vector) byte[] pubKey = publicSlhDsa.ExportSlhDsaPublicKey(); AssertExtensions.SequenceEqual(pk, pubKey); - byte[] secretKey = new byte[vector.Algorithm.SecretKeySizeInBytes]; - Assert.Throws(() => publicSlhDsa.ExportSlhDsaSecretKey(secretKey)); + byte[] privateKey = new byte[vector.Algorithm.PrivateKeySizeInBytes]; + Assert.Throws(() => publicSlhDsa.ExportSlhDsaPrivateKey(privateKey)); } } @@ -400,16 +400,16 @@ public void NistKeyGenerationTest(SlhDsaTestData.SlhDsaKeyGenTestVector vector) [Fact] public static void ImportPkcs8_BerEncoding() { - // Secret key is DER encoded, so create a BER encoding from it by making it use indefinite length encoding. - byte[] secretKeyPkcs8 = SlhDsaTestData.IetfSlhDsaSha2_128sPrivateKeyPkcs8; + // Private key is DER encoded, so create a BER encoding from it by making it use indefinite length encoding. + byte[] privateKeyPkcs8 = SlhDsaTestData.IetfSlhDsaSha2_128sPrivateKeyPkcs8; // Two 0x00 bytes at the end signal the end of the indefinite length encoding - byte[] indefiniteLengthOctet = new byte[secretKeyPkcs8.Length + 2]; - secretKeyPkcs8.CopyTo(indefiniteLengthOctet); + byte[] indefiniteLengthOctet = new byte[privateKeyPkcs8.Length + 2]; + privateKeyPkcs8.CopyTo(indefiniteLengthOctet); indefiniteLengthOctet[1] = 0b1000_0000; // change length to indefinite SlhDsaTestHelpers.AssertImportPkcs8PrivateKey(import => - SlhDsaTestHelpers.AssertExportSlhDsaSecretKey(export => + SlhDsaTestHelpers.AssertExportSlhDsaPrivateKey(export => SlhDsaTestHelpers.WithDispose(import(indefiniteLengthOctet), slhDsa => AssertExtensions.SequenceEqual(SlhDsaTestData.IetfSlhDsaSha2_128sPrivateKeyValue, export(slhDsa))))); } @@ -442,7 +442,7 @@ public void ImportPkcs8WithTrailingData(SlhDsaAlgorithm algorithm) [MemberData(nameof(SlhDsaTestData.GeneratedKeyInfosData), MemberType = typeof(SlhDsaTestData))] public void ExportEncryptedPkcs8PrivateKey_PbeParameters(SlhDsaTestData.SlhDsaGeneratedKeyInfo info) { - using SlhDsa slhDsa = ImportSlhDsaSecretKey(info.Algorithm, info.SecretKey); + using SlhDsa slhDsa = ImportSlhDsaPrivateKey(info.Algorithm, info.PrivateKey); SlhDsaTestHelpers.EncryptionPasswordType passwordTypeToTest = SlhDsaTestHelpers.GetValidPasswordTypes(info.EncryptionParameters); @@ -460,7 +460,7 @@ public void ExportEncryptedPkcs8PrivateKey_PbeParameters(SlhDsaTestData.SlhDsaGe [MemberData(nameof(SlhDsaTestData.GeneratedKeyInfosData), MemberType = typeof(SlhDsaTestData))] public void ExportKey_DestinationTooSmall(SlhDsaTestData.SlhDsaGeneratedKeyInfo info) { - using SlhDsa slhDsa = ImportSlhDsaSecretKey(info.Algorithm, info.SecretKey); + using SlhDsa slhDsa = ImportSlhDsaPrivateKey(info.Algorithm, info.PrivateKey); byte[] pkcs8PrivateKey = slhDsa.ExportPkcs8PrivateKey(); byte[] spki = slhDsa.ExportSubjectPublicKeyInfo(); byte[] encryptedPkcs8 = slhDsa.ExportEncryptedPkcs8PrivateKey(info.EncryptionPassword, info.EncryptionParameters); @@ -518,6 +518,6 @@ public void ExportKey_DestinationTooSmall(SlhDsaTestData.SlhDsaGeneratedKeyInfo protected override SlhDsa GenerateKey(SlhDsaAlgorithm algorithm) => SlhDsa.GenerateKey(algorithm); protected override SlhDsa ImportSlhDsaPublicKey(SlhDsaAlgorithm algorithm, ReadOnlySpan source) => SlhDsa.ImportSlhDsaPublicKey(algorithm, source); - protected override SlhDsa ImportSlhDsaSecretKey(SlhDsaAlgorithm algorithm, ReadOnlySpan source) => SlhDsa.ImportSlhDsaSecretKey(algorithm, source); + protected override SlhDsa ImportSlhDsaPrivateKey(SlhDsaAlgorithm algorithm, ReadOnlySpan source) => SlhDsa.ImportSlhDsaPrivateKey(algorithm, source); } } diff --git a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/SlhDsa/SlhDsaMockImplementation.cs b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/SlhDsa/SlhDsaMockImplementation.cs index c02699376ea588..56d8dfa7c81637 100644 --- a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/SlhDsa/SlhDsaMockImplementation.cs +++ b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/SlhDsa/SlhDsaMockImplementation.cs @@ -25,7 +25,7 @@ public SlhDsaMockImplementation(SlhDsaAlgorithm algorithm) } public delegate void ExportSlhDsaPublicKeyCoreAction(Span s); - public delegate void ExportSlhDsaSecretKeyCoreAction(Span s); + public delegate void ExportSlhDsaPrivateKeyCoreAction(Span s); public delegate bool TryExportPkcs8PrivateKeyCoreFunc(Span destination, out int bytesWritten); public delegate void SignDataCoreAction(ReadOnlySpan data, ReadOnlySpan context, Span s); public delegate bool VerifyDataCoreFunc(ReadOnlySpan data, ReadOnlySpan context, ReadOnlySpan signature); @@ -41,12 +41,12 @@ public SlhDsaMockImplementation(SlhDsaAlgorithm algorithm) public int VerifyPreHashCoreCallCount = 0; public int SignPreHashCoreCallCount = 0; public int ExportSlhDsaPublicKeyCoreCallCount = 0; - public int ExportSlhDsaSecretKeyCoreCallCount = 0; + public int ExportSlhDsaPrivateKeyCoreCallCount = 0; public int TryExportPkcs8PrivateKeyCoreCallCount = 0; public int DisposeCallCount = 0; public ExportSlhDsaPublicKeyCoreAction ExportSlhDsaPublicKeyCoreHook { get; set; } = _ => Assert.Fail(); - public ExportSlhDsaSecretKeyCoreAction ExportSlhDsaSecretKeyCoreHook { get; set; } = _ => Assert.Fail(); + public ExportSlhDsaPrivateKeyCoreAction ExportSlhDsaPrivateKeyCoreHook { get; set; } = _ => Assert.Fail(); public TryExportPkcs8PrivateKeyCoreFunc TryExportPkcs8PrivateKeyCoreHook { get; set; } = (_, out bytesWritten) => { Assert.Fail(); bytesWritten = 0; return false; }; public SignDataCoreAction SignDataCoreHook { get; set; } = (_, _, _) => Assert.Fail(); @@ -61,10 +61,10 @@ protected override void ExportSlhDsaPublicKeyCore(Span destination) ExportSlhDsaPublicKeyCoreHook(destination); } - protected override void ExportSlhDsaSecretKeyCore(Span destination) + protected override void ExportSlhDsaPrivateKeyCore(Span destination) { - ExportSlhDsaSecretKeyCoreCallCount++; - ExportSlhDsaSecretKeyCoreHook(destination); + ExportSlhDsaPrivateKeyCoreCallCount++; + ExportSlhDsaPrivateKeyCoreHook(destination); } protected override void Dispose(bool disposing) @@ -112,11 +112,11 @@ public void AddLengthAssertion() Assert.Equal(Algorithm.PublicKeySizeInBytes, destination.Length); }; - ExportSlhDsaSecretKeyCoreAction oldExportSlhDsaSecretKeyCoreHook = ExportSlhDsaSecretKeyCoreHook; - ExportSlhDsaSecretKeyCoreHook = (Span destination) => + ExportSlhDsaPrivateKeyCoreAction oldExportSlhDsaPrivateKeyCoreHook = ExportSlhDsaPrivateKeyCoreHook; + ExportSlhDsaPrivateKeyCoreHook = (Span destination) => { - oldExportSlhDsaSecretKeyCoreHook(destination); - Assert.Equal(Algorithm.SecretKeySizeInBytes, destination.Length); + oldExportSlhDsaPrivateKeyCoreHook(destination); + Assert.Equal(Algorithm.PrivateKeySizeInBytes, destination.Length); }; SignDataCoreAction oldSignDataCoreHook = SignDataCoreHook; @@ -159,10 +159,10 @@ public void AddDestinationBufferIsSameAssertion(ReadOnlyMemory buffer) AssertExtensions.Same(buffer.Span, destination); }; - ExportSlhDsaSecretKeyCoreAction oldExportSlhDsaSecretKeyCoreHook = ExportSlhDsaSecretKeyCoreHook; - ExportSlhDsaSecretKeyCoreHook = (Span destination) => + ExportSlhDsaPrivateKeyCoreAction oldExportSlhDsaPrivateKeyCoreHook = ExportSlhDsaPrivateKeyCoreHook; + ExportSlhDsaPrivateKeyCoreHook = (Span destination) => { - oldExportSlhDsaSecretKeyCoreHook(destination); + oldExportSlhDsaPrivateKeyCoreHook(destination); AssertExtensions.Same(buffer.Span, destination); }; @@ -301,10 +301,10 @@ public void AddFillDestination(byte b) destination.Fill(b); }; - ExportSlhDsaSecretKeyCoreAction oldExportSlhDsaSecretKeyCoreHook = ExportSlhDsaSecretKeyCoreHook; - ExportSlhDsaSecretKeyCoreHook = (Span destination) => + ExportSlhDsaPrivateKeyCoreAction oldExportSlhDsaPrivateKeyCoreHook = ExportSlhDsaPrivateKeyCoreHook; + ExportSlhDsaPrivateKeyCoreHook = (Span destination) => { - oldExportSlhDsaSecretKeyCoreHook(destination); + oldExportSlhDsaPrivateKeyCoreHook(destination); destination.Fill(b); }; diff --git a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/SlhDsa/SlhDsaTestData.cs b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/SlhDsa/SlhDsaTestData.cs index 497aa2fb13ee84..1c2a21d4591ecb 100644 --- a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/SlhDsa/SlhDsaTestData.cs +++ b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/SlhDsa/SlhDsaTestData.cs @@ -542,7 +542,7 @@ public static partial class SlhDsaTestData // Generate private key pem: // > openssl genpkey -algorithm "SLH-DSA-SHA2-128f" > private.pem // - // Get secret key: + // Get private key: // > openssl asn1parse -in private.pem | tail -1 | cut -d':' -f4 // // Get base64 private key info: @@ -558,7 +558,7 @@ public class SlhDsaGeneratedKeyInfo public SlhDsaGeneratedKeyInfo( int Id, SlhDsaAlgorithm Algorithm, - string SecretKeyHex, + string PrivateKeyHex, string Pkcs8PrivateKeyBase64, string Pkcs8PublicKeyBase64, string Pkcs8EncryptedPrivateKeyBase64, @@ -570,7 +570,7 @@ public SlhDsaGeneratedKeyInfo( { this.Id = Id; this.Algorithm = Algorithm; - this.SecretKeyHex = SecretKeyHex; + this.PrivateKeyHex = PrivateKeyHex; this.Pkcs8PrivateKeyBase64 = Pkcs8PrivateKeyBase64; this.Pkcs8PublicKeyBase64 = Pkcs8PublicKeyBase64; this.Pkcs8EncryptedPrivateKeyBase64 = Pkcs8EncryptedPrivateKeyBase64; @@ -583,7 +583,7 @@ public SlhDsaGeneratedKeyInfo( public int Id { get; } public SlhDsaAlgorithm Algorithm { get; } - public string SecretKeyHex { get; } + public string PrivateKeyHex { get; } public string Pkcs8PrivateKeyBase64 { get; } public string Pkcs8PublicKeyBase64 { get; } public string Pkcs8EncryptedPrivateKeyBase64 { get; } @@ -593,8 +593,8 @@ public SlhDsaGeneratedKeyInfo( public string EncryptionPassword { get; } public PbeParameters EncryptionParameters { get; } - public byte[] SecretKey => SecretKeyHex.HexToByteArray(); - public byte[] PublicKey => SecretKey.AsSpan(Algorithm.SecretKeySizeInBytes/2).ToArray(); + public byte[] PrivateKey => PrivateKeyHex.HexToByteArray(); + public byte[] PublicKey => PrivateKey.AsSpan(Algorithm.PrivateKeySizeInBytes/2).ToArray(); public byte[] Pkcs8PrivateKey => Convert.FromBase64String(Pkcs8PrivateKeyBase64); public byte[] Pkcs8PublicKey => Convert.FromBase64String(Pkcs8PublicKeyBase64); public byte[] Pkcs8EncryptedPrivateKey => Convert.FromBase64String(Pkcs8EncryptedPrivateKeyBase64); @@ -624,7 +624,7 @@ public SlhDsaKeyGenTestVector( string SecretKeySeedHex, string SecretKeyPrfHex, string PublicKeySeedHex, - string SecretKeyHex, + string PrivateKeyHex, string PublicKeyHex) { this.TestCaseId = TestCaseId; @@ -632,7 +632,7 @@ public SlhDsaKeyGenTestVector( this.SecretKeySeedHex = SecretKeySeedHex; this.SecretKeyPrfHex = SecretKeyPrfHex; this.PublicKeySeedHex = PublicKeySeedHex; - this.SecretKeyHex = SecretKeyHex; + this.PrivateKeyHex = PrivateKeyHex; this.PublicKeyHex = PublicKeyHex; } @@ -641,14 +641,14 @@ public SlhDsaKeyGenTestVector( public string SecretKeySeedHex { get; } public string SecretKeyPrfHex { get; } public string PublicKeySeedHex { get; } - public string SecretKeyHex { get; } + public string PrivateKeyHex { get; } public string PublicKeyHex { get; } public byte[] SecretKeySeed => SecretKeySeedHex.HexToByteArray(); public byte[] SecretKeyPrf => SecretKeyPrfHex.HexToByteArray(); public byte[] PublicKeySeed => PublicKeySeedHex.HexToByteArray(); - public byte[] SecretKey => SecretKeyHex.HexToByteArray(); + public byte[] PrivateKey => PrivateKeyHex.HexToByteArray(); public byte[] PublicKey => PublicKeyHex.HexToByteArray(); public override string ToString() => $"{nameof(SlhDsaKeyGenTestVector)} {{ {nameof(TestCaseId)} = {TestCaseId}, {nameof(Algorithm)} = \"{Algorithm.Name}\" }}"; @@ -774,7 +774,7 @@ public SlhDsaSigVerTestVector( int TestCaseId, bool TestPassed, SlhDsaAlgorithm Algorithm, - string SecretKeyHex, + string PrivateKeyHex, string PublicKeyHex, string MessageHex, string ContextHex, @@ -784,7 +784,7 @@ public SlhDsaSigVerTestVector( this.TestCaseId = TestCaseId; this.TestPassed = TestPassed; this.Algorithm = Algorithm; - this.SecretKeyHex = SecretKeyHex; + this.PrivateKeyHex = PrivateKeyHex; this.PublicKeyHex = PublicKeyHex; this.MessageHex = MessageHex; this.ContextHex = ContextHex; @@ -795,14 +795,14 @@ public SlhDsaSigVerTestVector( public int TestCaseId { get; } public bool TestPassed { get; } public SlhDsaAlgorithm Algorithm { get; } - public string SecretKeyHex { get; } + public string PrivateKeyHex { get; } public string PublicKeyHex { get; } public string MessageHex { get; } public string ContextHex { get; } public string SignatureHex { get; } public string HashAlgorithm { get; } - public byte[] SecretKey => SecretKeyHex.HexToByteArray(); + public byte[] PrivateKey => PrivateKeyHex.HexToByteArray(); public byte[] PublicKey => PublicKeyHex.HexToByteArray(); public byte[] Message => MessageHex.HexToByteArray(); public byte[] Context => ContextHex.HexToByteArray(); diff --git a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/SlhDsa/SlhDsaTestHelpers.cs b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/SlhDsa/SlhDsaTestHelpers.cs index ff1a4ffabff88b..0849eede434f92 100644 --- a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/SlhDsa/SlhDsaTestHelpers.cs +++ b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/SlhDsa/SlhDsaTestHelpers.cs @@ -40,7 +40,7 @@ internal static void VerifyDisposed(SlhDsa slhDsa) Assert.Throws(() => slhDsa.ExportPkcs8PrivateKey()); Assert.Throws(() => slhDsa.ExportPkcs8PrivateKeyPem()); Assert.Throws(() => slhDsa.ExportSlhDsaPublicKey(tempBuffer.AsSpan(0, slhDsa.Algorithm.PublicKeySizeInBytes))); - Assert.Throws(() => slhDsa.ExportSlhDsaSecretKey(tempBuffer.AsSpan(0, slhDsa.Algorithm.SecretKeySizeInBytes))); + Assert.Throws(() => slhDsa.ExportSlhDsaPrivateKey(tempBuffer.AsSpan(0, slhDsa.Algorithm.PrivateKeySizeInBytes))); Assert.Throws(() => slhDsa.ExportSubjectPublicKeyInfo()); Assert.Throws(() => slhDsa.ExportSubjectPublicKeyInfoPem()); Assert.Throws(() => slhDsa.TryExportEncryptedPkcs8PrivateKey(ReadOnlySpan.Empty, pbeParameters, [], out _)); @@ -94,21 +94,21 @@ internal static void AssertImportSubjectKeyPublicInfo( testEmbeddedCall(spki => SlhDsa.ImportFromPem(PemEncoding.WriteString("PUBLIC KEY", spki).AsSpan())); } - internal static void AssertImportSecretKey(Action> test, SlhDsaAlgorithm algorithm, byte[] secretKey) => - AssertImportSecretKey(test, test, algorithm, secretKey); + internal static void AssertImportPrivateKey(Action> test, SlhDsaAlgorithm algorithm, byte[] PrivateKey) => + AssertImportPrivateKey(test, test, algorithm, PrivateKey); - internal static void AssertImportSecretKey(Action> testDirectCall, Action> testEmbeddedCall, SlhDsaAlgorithm algorithm, byte[] secretKey) + internal static void AssertImportPrivateKey(Action> testDirectCall, Action> testEmbeddedCall, SlhDsaAlgorithm algorithm, byte[] PrivateKey) { - testDirectCall(() => SlhDsa.ImportSlhDsaSecretKey(algorithm, secretKey)); + testDirectCall(() => SlhDsa.ImportSlhDsaPrivateKey(algorithm, PrivateKey)); - if (secretKey?.Length == 0) + if (PrivateKey?.Length == 0) { - testDirectCall(() => SlhDsa.ImportSlhDsaSecretKey(algorithm, Array.Empty().AsSpan())); - testDirectCall(() => SlhDsa.ImportSlhDsaSecretKey(algorithm, ReadOnlySpan.Empty)); + testDirectCall(() => SlhDsa.ImportSlhDsaPrivateKey(algorithm, Array.Empty().AsSpan())); + testDirectCall(() => SlhDsa.ImportSlhDsaPrivateKey(algorithm, ReadOnlySpan.Empty)); } else { - testDirectCall(() => SlhDsa.ImportSlhDsaSecretKey(algorithm, secretKey.AsSpan())); + testDirectCall(() => SlhDsa.ImportSlhDsaPrivateKey(algorithm, PrivateKey.AsSpan())); } PrivateKeyInfoAsn pkcs8 = new PrivateKeyInfoAsn @@ -118,7 +118,7 @@ internal static void AssertImportSecretKey(Action> testDirectCall, Algorithm = AlgorithmToOid(algorithm), Parameters = default(ReadOnlyMemory?), }, - PrivateKey = secretKey, + PrivateKey = PrivateKey, }; AssertImportPkcs8PrivateKey(import => @@ -220,14 +220,14 @@ internal static void AssertExportSlhDsaPublicKey(Action> ca SubjectPublicKeyInfoAsn.Decode(exportSpki(slhDsa), AsnEncodingRules.DER).SubjectPublicKey.Span.ToArray())); } - internal static void AssertExportSlhDsaSecretKey(Action> callback) + internal static void AssertExportSlhDsaPrivateKey(Action> callback) { - callback(slhDsa => slhDsa.ExportSlhDsaSecretKey()); + callback(slhDsa => slhDsa.ExportSlhDsaPrivateKey()); callback( slhDsa => { - byte[] buffer = new byte[slhDsa.Algorithm.SecretKeySizeInBytes]; - slhDsa.ExportSlhDsaSecretKey(buffer.AsSpan()); + byte[] buffer = new byte[slhDsa.Algorithm.PrivateKeySizeInBytes]; + slhDsa.ExportSlhDsaPrivateKey(buffer.AsSpan()); return buffer; }); diff --git a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/SlhDsa/SlhDsaTests.cs b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/SlhDsa/SlhDsaTests.cs index 50f6fddc213b16..8cd6016c93af48 100644 --- a/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/SlhDsa/SlhDsaTests.cs +++ b/src/libraries/Common/tests/System/Security/Cryptography/AlgorithmImplementations/SlhDsa/SlhDsaTests.cs @@ -13,7 +13,7 @@ public abstract class SlhDsaTests { protected abstract SlhDsa GenerateKey(SlhDsaAlgorithm algorithm); protected abstract SlhDsa ImportSlhDsaPublicKey(SlhDsaAlgorithm algorithm, ReadOnlySpan source); - protected abstract SlhDsa ImportSlhDsaSecretKey(SlhDsaAlgorithm algorithm, ReadOnlySpan source); + protected abstract SlhDsa ImportSlhDsaPrivateKey(SlhDsaAlgorithm algorithm, ReadOnlySpan source); public static IEnumerable NistPureSigVerTestVectorsData => from vector in SlhDsaTestData.NistSigVerTestVectors @@ -32,8 +32,8 @@ public void NistPureSignatureVerificationTest(SlhDsaTestData.SlhDsaSigVerTestVec using SlhDsa publicSlhDsa = ImportSlhDsaPublicKey(vector.Algorithm, vector.PublicKey); Assert.Equal(vector.TestPassed, publicSlhDsa.VerifyData(msg, sig, ctx)); - // Test signature verification with secret key - using SlhDsa secretSlhDsa = ImportSlhDsaSecretKey(vector.Algorithm, vector.SecretKey); + // Test signature verification with private key + using SlhDsa secretSlhDsa = ImportSlhDsaPrivateKey(vector.Algorithm, vector.PrivateKey); Assert.Equal(vector.TestPassed, secretSlhDsa.VerifyData(msg, sig, ctx)); } @@ -55,8 +55,8 @@ public void NistPreHashSignatureVerificationTest(SlhDsaTestData.SlhDsaSigVerTest using SlhDsa publicSlhDsa = ImportSlhDsaPublicKey(vector.Algorithm, vector.PublicKey); Assert.Equal(vector.TestPassed, publicSlhDsa.VerifyPreHash(hash, sig, vector.HashAlgorithm, ctx)); - // Test signature verification with secret key - using SlhDsa secretSlhDsa = ImportSlhDsaSecretKey(vector.Algorithm, vector.SecretKey); + // Test signature verification with private key + using SlhDsa secretSlhDsa = ImportSlhDsaPrivateKey(vector.Algorithm, vector.PrivateKey); Assert.Equal(vector.TestPassed, secretSlhDsa.VerifyPreHash(hash, sig, vector.HashAlgorithm, ctx)); } @@ -156,19 +156,19 @@ public void GenerateSignExportPublicVerifyWithPublicOnly(SlhDsaAlgorithm algorit [Theory] [MemberData(nameof(AlgorithmsData_Small))] - public void GenerateExportSecretKeySignAndVerify(SlhDsaAlgorithm algorithm) + public void GenerateExportPrivateKeySignAndVerify(SlhDsaAlgorithm algorithm) { - byte[] secretKey; + byte[] privateKey; byte[] data = [1, 2, 3, 4, 5]; byte[] signature; using (SlhDsa slhDsa = GenerateKey(algorithm)) { signature = slhDsa.SignData(data); - secretKey = slhDsa.ExportSlhDsaSecretKey(); + privateKey = slhDsa.ExportSlhDsaPrivateKey(); } - using (SlhDsa slhDsa = ImportSlhDsaSecretKey(algorithm, secretKey)) + using (SlhDsa slhDsa = ImportSlhDsaPrivateKey(algorithm, privateKey)) { ExerciseSuccessfulVerify(slhDsa, data, signature, []); @@ -204,9 +204,9 @@ public void GenerateSignPreHashExportPublicVerifyWithPublicOnly(SlhDsaAlgorithm [Theory] [MemberData(nameof(AlgorithmsData_Small))] - public void GenerateExportSecretKeySignPreHashAndVerify(SlhDsaAlgorithm algorithm) + public void GenerateExportPrivateKeySignPreHashAndVerify(SlhDsaAlgorithm algorithm) { - byte[] secretKey; + byte[] privateKey; string shake256Oid = HashInfo.Shake256.Oid; byte[] data = new byte[HashInfo.Shake256.OutputSize]; byte[] signature; @@ -214,10 +214,10 @@ public void GenerateExportSecretKeySignPreHashAndVerify(SlhDsaAlgorithm algorith using (SlhDsa slhDsa = GenerateKey(algorithm)) { signature = slhDsa.SignPreHash(data, shake256Oid); - secretKey = slhDsa.ExportSlhDsaSecretKey(); + privateKey = slhDsa.ExportSlhDsaPrivateKey(); } - using (SlhDsa slhDsa = ImportSlhDsaSecretKey(algorithm, secretKey)) + using (SlhDsa slhDsa = ImportSlhDsaPrivateKey(algorithm, privateKey)) { ExerciseSuccessfulVerifyPreHash(slhDsa, data, signature, shake256Oid, []); diff --git a/src/libraries/Common/tests/System/Security/Cryptography/X509Certificates/CertificateCreation/PrivateKeyAssociationTests.Shared.cs b/src/libraries/Common/tests/System/Security/Cryptography/X509Certificates/CertificateCreation/PrivateKeyAssociationTests.Shared.cs index 6e8fa326d97111..ad69d77511b33c 100644 --- a/src/libraries/Common/tests/System/Security/Cryptography/X509Certificates/CertificateCreation/PrivateKeyAssociationTests.Shared.cs +++ b/src/libraries/Common/tests/System/Security/Cryptography/X509Certificates/CertificateCreation/PrivateKeyAssociationTests.Shared.cs @@ -69,7 +69,7 @@ public static void GetSlhDsaPrivateKeyTest() // Verify the key is actually private AssertExtensions.SequenceEqual( SlhDsaTestData.IetfSlhDsaSha2_128sPrivateKeyValue, - certKey.ExportSlhDsaSecretKey()); + certKey.ExportSlhDsaPrivateKey()); } } } @@ -113,8 +113,8 @@ public static void CheckCopyWithPrivateKey_SlhDsa_OtherSlhDsa() { using (SlhDsaMockImplementation publicSlhDsa = SlhDsaMockImplementation.Create(SlhDsaAlgorithm.SlhDsaSha2_128s)) { - Exception e = new Exception("no secret key"); - publicSlhDsa.ExportSlhDsaSecretKeyCoreHook = _ => throw e; + Exception e = new Exception("no private key"); + publicSlhDsa.ExportSlhDsaPrivateKeyCoreHook = _ => throw e; publicSlhDsa.ExportSlhDsaPublicKeyCoreHook = (Span destination) => SlhDsaTestData.IetfSlhDsaSha2_128sPublicKeyValue.CopyTo(destination); @@ -124,7 +124,7 @@ public static void CheckCopyWithPrivateKey_SlhDsa_OtherSlhDsa() SlhDsaMockImplementation privateSlhDsa = SlhDsaMockImplementation.Create(SlhDsaAlgorithm.SlhDsaSha2_128s); privateSlhDsa.ExportSlhDsaPublicKeyCoreHook = (Span destination) => SlhDsaTestData.IetfSlhDsaSha2_128sPublicKeyValue.CopyTo(destination); - privateSlhDsa.ExportSlhDsaSecretKeyCoreHook = (Span destination) => + privateSlhDsa.ExportSlhDsaPrivateKeyCoreHook = (Span destination) => SlhDsaTestData.IetfSlhDsaSha2_128sPrivateKeyValue.CopyTo(destination); using (X509Certificate2 privCert = CopyWithPrivateKey_SlhDsa(pubOnly, privateSlhDsa)) @@ -135,16 +135,16 @@ public static void CheckCopyWithPrivateKey_SlhDsa_OtherSlhDsa() { AssertExtensions.SequenceEqual( SlhDsaTestData.IetfSlhDsaSha2_128sPrivateKeyValue, - certPrivateSlhDsa.ExportSlhDsaSecretKey()); + certPrivateSlhDsa.ExportSlhDsaPrivateKey()); privateSlhDsa.Dispose(); privateSlhDsa.ExportSlhDsaPublicKeyCoreHook = _ => Assert.Fail(); - privateSlhDsa.ExportSlhDsaSecretKeyCoreHook = _ => Assert.Fail(); + privateSlhDsa.ExportSlhDsaPrivateKeyCoreHook = _ => Assert.Fail(); // Ensure the key is actual a clone AssertExtensions.SequenceEqual( SlhDsaTestData.IetfSlhDsaSha2_128sPrivateKeyValue, - certPrivateSlhDsa.ExportSlhDsaSecretKey()); + certPrivateSlhDsa.ExportSlhDsaPrivateKey()); } } } @@ -784,7 +784,7 @@ private static partial void CheckCopyWithPrivateKey( private static X509Certificate2 LoadShlDsaIetfCertificateWithPrivateKey() { using (X509Certificate2 cert = X509CertificateLoader.LoadCertificate(SlhDsaTestData.IetfSlhDsaSha2_128sCertificate)) - using (SlhDsa? privateKey = SlhDsa.ImportSlhDsaSecretKey(SlhDsaAlgorithm.SlhDsaSha2_128s, SlhDsaTestData.IetfSlhDsaSha2_128sPrivateKeyValue)) + using (SlhDsa? privateKey = SlhDsa.ImportSlhDsaPrivateKey(SlhDsaAlgorithm.SlhDsaSha2_128s, SlhDsaTestData.IetfSlhDsaSha2_128sPrivateKeyValue)) return cert.CopyWithPrivateKey(privateKey); } diff --git a/src/libraries/System.Security.Cryptography.Pkcs/tests/SignedCms/SignedCmsTests.netcoreapp.cs b/src/libraries/System.Security.Cryptography.Pkcs/tests/SignedCms/SignedCmsTests.netcoreapp.cs index faa41a19c7cb8b..e5d72b17c2433f 100644 --- a/src/libraries/System.Security.Cryptography.Pkcs/tests/SignedCms/SignedCmsTests.netcoreapp.cs +++ b/src/libraries/System.Security.Cryptography.Pkcs/tests/SignedCms/SignedCmsTests.netcoreapp.cs @@ -559,7 +559,7 @@ public static void AddSigner_ECDSA_EphemeralKey() [ConditionalFact(typeof(SlhDsa), nameof(SlhDsa.IsSupported))] public static void AddSigner_SlhDsa_EphemeralKey() { - using (SlhDsa slhDsa = SlhDsa.ImportSlhDsaSecretKey(SlhDsaAlgorithm.SlhDsaSha2_128s, SlhDsaTestData.IetfSlhDsaSha2_128sPrivateKeyValue)) + using (SlhDsa slhDsa = SlhDsa.ImportSlhDsaPrivateKey(SlhDsaAlgorithm.SlhDsaSha2_128s, SlhDsaTestData.IetfSlhDsaSha2_128sPrivateKeyValue)) using (X509Certificate2 publicCertificate = Certificates.SlhDsaSha2_128s_Ietf.GetCertificate()) using (X509Certificate2 certificateWithKey = Certificates.SlhDsaSha2_128s_Ietf.TryGetCertificateWithPrivateKey(exportable: true)) { @@ -738,7 +738,7 @@ public static void ComputeSignature_SlhDsa_ThrowsWithUnsupportedHash(string hash SignedCms cms = new SignedCms(content); SlhDsa slhDsa = - SlhDsa.ImportSlhDsaSecretKey( + SlhDsa.ImportSlhDsaPrivateKey( SlhDsaAlgorithm.SlhDsaSha2_128s, SlhDsaTestData.IetfSlhDsaSha2_128sPrivateKeyValue); diff --git a/src/libraries/System.Security.Cryptography/ref/System.Security.Cryptography.cs b/src/libraries/System.Security.Cryptography/ref/System.Security.Cryptography.cs index b67983c651d71d..83850ad1ef92c0 100644 --- a/src/libraries/System.Security.Cryptography/ref/System.Security.Cryptography.cs +++ b/src/libraries/System.Security.Cryptography/ref/System.Security.Cryptography.cs @@ -3061,12 +3061,12 @@ protected virtual void Dispose(bool disposing) { } public string ExportEncryptedPkcs8PrivateKeyPem(string password, System.Security.Cryptography.PbeParameters pbeParameters) { throw null; } public byte[] ExportPkcs8PrivateKey() { throw null; } public string ExportPkcs8PrivateKeyPem() { throw null; } + public byte[] ExportSlhDsaPrivateKey() { throw null; } + public void ExportSlhDsaPrivateKey(System.Span destination) { } + protected abstract void ExportSlhDsaPrivateKeyCore(System.Span destination); public byte[] ExportSlhDsaPublicKey() { throw null; } public void ExportSlhDsaPublicKey(System.Span destination) { } protected abstract void ExportSlhDsaPublicKeyCore(System.Span destination); - public byte[] ExportSlhDsaSecretKey() { throw null; } - public void ExportSlhDsaSecretKey(System.Span destination) { } - protected abstract void ExportSlhDsaSecretKeyCore(System.Span destination); public byte[] ExportSubjectPublicKeyInfo() { throw null; } public string ExportSubjectPublicKeyInfoPem() { throw null; } public static System.Security.Cryptography.SlhDsa GenerateKey(System.Security.Cryptography.SlhDsaAlgorithm algorithm) { throw null; } @@ -3081,10 +3081,10 @@ public void ExportSlhDsaSecretKey(System.Span destination) { } public static System.Security.Cryptography.SlhDsa ImportFromPem(string source) { throw null; } public static System.Security.Cryptography.SlhDsa ImportPkcs8PrivateKey(byte[] source) { throw null; } public static System.Security.Cryptography.SlhDsa ImportPkcs8PrivateKey(System.ReadOnlySpan source) { throw null; } + public static System.Security.Cryptography.SlhDsa ImportSlhDsaPrivateKey(System.Security.Cryptography.SlhDsaAlgorithm algorithm, byte[] source) { throw null; } + public static System.Security.Cryptography.SlhDsa ImportSlhDsaPrivateKey(System.Security.Cryptography.SlhDsaAlgorithm algorithm, System.ReadOnlySpan source) { throw null; } public static System.Security.Cryptography.SlhDsa ImportSlhDsaPublicKey(System.Security.Cryptography.SlhDsaAlgorithm algorithm, byte[] source) { throw null; } public static System.Security.Cryptography.SlhDsa ImportSlhDsaPublicKey(System.Security.Cryptography.SlhDsaAlgorithm algorithm, System.ReadOnlySpan source) { throw null; } - public static System.Security.Cryptography.SlhDsa ImportSlhDsaSecretKey(System.Security.Cryptography.SlhDsaAlgorithm algorithm, byte[] source) { throw null; } - public static System.Security.Cryptography.SlhDsa ImportSlhDsaSecretKey(System.Security.Cryptography.SlhDsaAlgorithm algorithm, System.ReadOnlySpan source) { throw null; } public static System.Security.Cryptography.SlhDsa ImportSubjectPublicKeyInfo(byte[] source) { throw null; } public static System.Security.Cryptography.SlhDsa ImportSubjectPublicKeyInfo(System.ReadOnlySpan source) { throw null; } public byte[] SignData(byte[] data, byte[]? context = null) { throw null; } @@ -3111,8 +3111,8 @@ public sealed partial class SlhDsaAlgorithm : System.IEquatable destination) { } protected override void ExportSlhDsaPublicKeyCore(System.Span destination) { } - protected override void ExportSlhDsaSecretKeyCore(System.Span destination) { } public System.Security.Cryptography.CngKey GetKey() { throw null; } protected override void SignDataCore(System.ReadOnlySpan data, System.ReadOnlySpan context, System.Span destination) { } protected override void SignPreHashCore(System.ReadOnlySpan hash, System.ReadOnlySpan context, string hashAlgorithmOid, System.Span destination) { } @@ -3159,8 +3159,8 @@ public sealed partial class SlhDsaOpenSsl : System.Security.Cryptography.SlhDsa public SlhDsaOpenSsl(System.Security.Cryptography.SafeEvpPKeyHandle pkeyHandle) : base (default(System.Security.Cryptography.SlhDsaAlgorithm)) { } protected override void Dispose(bool disposing) { } public System.Security.Cryptography.SafeEvpPKeyHandle DuplicateKeyHandle() { throw null; } + protected override void ExportSlhDsaPrivateKeyCore(System.Span destination) { } protected override void ExportSlhDsaPublicKeyCore(System.Span destination) { } - protected override void ExportSlhDsaSecretKeyCore(System.Span destination) { } protected override void SignDataCore(System.ReadOnlySpan data, System.ReadOnlySpan context, System.Span destination) { } protected override void SignPreHashCore(System.ReadOnlySpan hash, System.ReadOnlySpan context, string hashAlgorithmOid, System.Span destination) { } protected override bool VerifyDataCore(System.ReadOnlySpan data, System.ReadOnlySpan context, System.ReadOnlySpan signature) { throw null; } diff --git a/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/SlhDsaImplementation.OpenSsl.cs b/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/SlhDsaImplementation.OpenSsl.cs index 773d7b5eb5ee29..37a9c776e2c16d 100644 --- a/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/SlhDsaImplementation.OpenSsl.cs +++ b/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/SlhDsaImplementation.OpenSsl.cs @@ -91,7 +91,7 @@ protected override bool VerifyPreHashCore(ReadOnlySpan hash, ReadOnlySpan< protected override void ExportSlhDsaPublicKeyCore(Span destination) => Interop.Crypto.SlhDsaExportPublicKey(_key, destination); - protected override void ExportSlhDsaSecretKeyCore(Span destination) => + protected override void ExportSlhDsaPrivateKeyCore(Span destination) => Interop.Crypto.SlhDsaExportSecretKey(_key, destination); internal static partial SlhDsaImplementation ImportPublicKey(SlhDsaAlgorithm algorithm, ReadOnlySpan source) @@ -104,9 +104,9 @@ internal static partial SlhDsaImplementation ImportPublicKey(SlhDsaAlgorithm alg internal static partial SlhDsaImplementation ImportPkcs8PrivateKeyValue(SlhDsaAlgorithm algorithm, ReadOnlySpan source) => throw new PlatformNotSupportedException(); - internal static partial SlhDsaImplementation ImportSecretKey(SlhDsaAlgorithm algorithm, ReadOnlySpan source) + internal static partial SlhDsaImplementation ImportPrivateKey(SlhDsaAlgorithm algorithm, ReadOnlySpan source) { - Debug.Assert(source.Length == algorithm.SecretKeySizeInBytes, $"Secret key was expected to be {algorithm.SecretKeySizeInBytes} bytes, but was {source.Length} bytes."); + Debug.Assert(source.Length == algorithm.PrivateKeySizeInBytes, $"Private key was expected to be {algorithm.PrivateKeySizeInBytes} bytes, but was {source.Length} bytes."); SafeEvpPKeyHandle key = Interop.Crypto.EvpPKeyFromData(algorithm.Name, source, privateKey: true); return new SlhDsaImplementation(algorithm, key); } diff --git a/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/SlhDsaOpenSsl.NotSupported.cs b/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/SlhDsaOpenSsl.NotSupported.cs index ae0a6ef5a8df88..402b9b5e31cab1 100644 --- a/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/SlhDsaOpenSsl.NotSupported.cs +++ b/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/SlhDsaOpenSsl.NotSupported.cs @@ -54,7 +54,7 @@ protected override void ExportSlhDsaPublicKeyCore(Span destination) throw new PlatformNotSupportedException(); } - protected override void ExportSlhDsaSecretKeyCore(Span destination) + protected override void ExportSlhDsaPrivateKeyCore(Span destination) { Debug.Fail("Caller should have checked platform availability."); throw new PlatformNotSupportedException(); diff --git a/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/SlhDsaOpenSsl.OpenSsl.cs b/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/SlhDsaOpenSsl.OpenSsl.cs index 36db28b7b8b175..52df64baf0b8c6 100644 --- a/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/SlhDsaOpenSsl.OpenSsl.cs +++ b/src/libraries/System.Security.Cryptography/src/System/Security/Cryptography/SlhDsaOpenSsl.OpenSsl.cs @@ -111,7 +111,7 @@ protected override bool VerifyPreHashCore(ReadOnlySpan hash, ReadOnlySpan< protected override void ExportSlhDsaPublicKeyCore(Span destination) => Interop.Crypto.SlhDsaExportPublicKey(_key, destination); - protected override void ExportSlhDsaSecretKeyCore(Span destination) => + protected override void ExportSlhDsaPrivateKeyCore(Span destination) => Interop.Crypto.SlhDsaExportSecretKey(_key, destination); } } diff --git a/src/libraries/System.Security.Cryptography/tests/SlhDsaOpenSslTests.cs b/src/libraries/System.Security.Cryptography/tests/SlhDsaOpenSslTests.cs index f1f959cd1719e0..07c45a3c12ad29 100644 --- a/src/libraries/System.Security.Cryptography/tests/SlhDsaOpenSslTests.cs +++ b/src/libraries/System.Security.Cryptography/tests/SlhDsaOpenSslTests.cs @@ -75,7 +75,7 @@ public void SlhDsaOpenSsl_DuplicateKeyHandleLifetime() private static void VerifyInstanceIsUsable(SlhDsaOpenSsl slhDsa) { - _ = slhDsa.ExportSlhDsaSecretKey(); // does not throw + _ = slhDsa.ExportSlhDsaPrivateKey(); // does not throw // usable byte[] data = [1, 2, 3]; @@ -97,7 +97,7 @@ protected override SlhDsa ImportSlhDsaPublicKey(SlhDsaAlgorithm algorithm, ReadO return new SlhDsaOpenSsl(key); } - protected override SlhDsa ImportSlhDsaSecretKey(SlhDsaAlgorithm algorithm, ReadOnlySpan source) + protected override SlhDsa ImportSlhDsaPrivateKey(SlhDsaAlgorithm algorithm, ReadOnlySpan source) { using SafeEvpPKeyHandle key = Interop.Crypto.EvpPKeyFromData(algorithm.Name, source, privateKey: true); return new SlhDsaOpenSsl(key); diff --git a/src/libraries/System.Security.Cryptography/tests/X509Certificates/CertTests.cs b/src/libraries/System.Security.Cryptography/tests/X509Certificates/CertTests.cs index 425cd1ed94b3bd..ddcbba916a0a44 100644 --- a/src/libraries/System.Security.Cryptography/tests/X509Certificates/CertTests.cs +++ b/src/libraries/System.Security.Cryptography/tests/X509Certificates/CertTests.cs @@ -169,7 +169,7 @@ public static void PrivateKey_FromCertificate_CanExportPrivate_SlhDsa() { Assert.NotNull(certKey); byte[] expectedKey = SlhDsaTestData.IetfSlhDsaSha2_128sPrivateKeyValue; - AssertExtensions.SequenceEqual(expectedKey, certKey.ExportSlhDsaSecretKey()); + AssertExtensions.SequenceEqual(expectedKey, certKey.ExportSlhDsaPrivateKey()); } } diff --git a/src/libraries/System.Security.Cryptography/tests/X509Certificates/ExportTests.cs b/src/libraries/System.Security.Cryptography/tests/X509Certificates/ExportTests.cs index 70eb3214bf858c..42559599c2be9e 100644 --- a/src/libraries/System.Security.Cryptography/tests/X509Certificates/ExportTests.cs +++ b/src/libraries/System.Security.Cryptography/tests/X509Certificates/ExportTests.cs @@ -450,7 +450,7 @@ public static void ExportPkcs12_SlhDsa_Ietf_Roundtrip() { Assert.NotNull(slhDsa); Assert.Equal(SlhDsaAlgorithm.SlhDsaSha2_128s, slhDsa.Algorithm); - AssertExtensions.SequenceEqual(SlhDsaTestData.IetfSlhDsaSha2_128sPrivateKeyValue, slhDsa.ExportSlhDsaSecretKey()); + AssertExtensions.SequenceEqual(SlhDsaTestData.IetfSlhDsaSha2_128sPrivateKeyValue, slhDsa.ExportSlhDsaPrivateKey()); } } } @@ -479,7 +479,7 @@ public static void ExportPkcs12_SlhDsa_Generated_Roundtrip(SlhDsaTestData.SlhDsa { Assert.NotNull(slhDsa); Assert.Equal(info.Algorithm, slhDsa.Algorithm); - AssertExtensions.SequenceEqual(info.SecretKey, slhDsa.ExportSlhDsaSecretKey()); + AssertExtensions.SequenceEqual(info.PrivateKey, slhDsa.ExportSlhDsaPrivateKey()); AssertExtensions.SequenceEqual(info.Certificate, reLoaded.RawData); } } diff --git a/src/libraries/System.Security.Cryptography/tests/X509Certificates/PfxTests.cs b/src/libraries/System.Security.Cryptography/tests/X509Certificates/PfxTests.cs index 922b33c02dab0d..2ca5c3cbbc206e 100644 --- a/src/libraries/System.Security.Cryptography/tests/X509Certificates/PfxTests.cs +++ b/src/libraries/System.Security.Cryptography/tests/X509Certificates/PfxTests.cs @@ -782,7 +782,7 @@ public static void ReadSlhDsa_Pfx_Ietf(X509KeyStorageFlags keyStorageFlags) Assert.Equal(SlhDsaAlgorithm.SlhDsaSha2_128s, slhDsa.Algorithm); // Note this display string is reversed from the one in the IETF example but equivalent. Assert.Equal("O=Bogus SLH-DSA-SHA2-128s CA, L=Paris, C=FR", cert.Subject); - AssertExtensions.SequenceEqual(SlhDsaTestData.IetfSlhDsaSha2_128sPrivateKeyValue, slhDsa.ExportSlhDsaSecretKey()); + AssertExtensions.SequenceEqual(SlhDsaTestData.IetfSlhDsaSha2_128sPrivateKeyValue, slhDsa.ExportSlhDsaPrivateKey()); } }