Patch #1 for 2.5

- OpenPGP: Fix RemoveCert loops
- Fix infinite recursion in SubjectAltPublicKeyInfo.Algorithm
- ML-DSA: fix PrivateKeyInfoFactory NPE

Author: peterdettman

crypto/Readme.html

@@ -31,6 +31,8 @@ <h3><a class="mozTocH3" name="mozTocId685176"></a>Contents:<br /></h3>
                             <li>
                                 <a href="#mozTocId3413">Notes:</a>
                                 <ol>
+                                    <li>
+                                        <a href="#mozTocId9020501">Release 2.5.1</a>
                                     <li>
                                         <a href="#mozTocId9020500">Release 2.5.0</a>
                                     <li>
@@ -335,6 +337,24 @@ <h3><a class="mozTocH3" name="mozTocId358608"></a>For first time users.</h3>
         <hr style="WIDTH: 100%; HEIGHT: 2px">
         <h3><a class="mozTocH3" name="mozTocId3413"></a>Notes:</h3>
 
+        <h4><a class="mozTocH4" name="mozTocId9020501"></a>Release 2.5.1, Friday Feb 7, 2025</h4>
+        <h5>Defects Fixed</h5>
+        <ul>
+            <li>OpenPGP: Fixed RemoveCert loops in PgpPublicKey so that removals don't affect remaining iteration.</li>
+            <li>Fix infinite recursion in SubjectAltPublicKeyInfo.Algorithm.</li>
+            <li>ML-DSA: fix PrivateKeyInfoFactory NPE when no seed present.</li>
+        </ul>
+        <h5>Additional Features and Functionality</h5>
+        <ul>
+        </ul>
+        <h5>Additional Notes</h5>
+        <ul>
+            <li>
+                See the (cumulative) list of GitHub pull requests that we have accepted at
+                <a href="https://github.com/bcgit/bc-csharp/pulls?q=is%3Apr+is%3Aclosed">bcgit/bc-csharp</a>.
+            </li>
+        </ul>
+
         <h4><a class="mozTocH4" name="mozTocId9020500"></a>Release 2.5.0, Sunday December 1, 2024</h4>
         <h5>Defects Fixed</h5>
         <ul>

crypto/src/asn1/x509/SubjectAltPublicKeyInfo.cs

@@ -77,7 +77,7 @@ public SubjectAltPublicKeyInfo(SubjectPublicKeyInfo subjectPublicKeyInfo)
             m_subjectAltPublicKey = subjectPublicKeyInfo.PublicKey;
         }
 
-        public AlgorithmIdentifier Algorithm => Algorithm;
+        public AlgorithmIdentifier Algorithm => m_algorithm;
 
         public DerBitString SubjectAltPublicKey => m_subjectAltPublicKey;
 

crypto/src/openpgp/PgpPublicKey.cs

@@ -1050,7 +1050,7 @@ private static PgpPublicKey RemoveCert(PgpPublicKey	key, IUserDataPacket id)
             PgpPublicKey returnKey = new PgpPublicKey(key);
             bool found = false;
 
-            for (int i = 0; i < returnKey.ids.Count; i++)
+            for (int i = returnKey.ids.Count - 1; i >= 0; i--)
             {
                 if (id.Equals(returnKey.ids[i]))
                 {
@@ -1100,7 +1100,7 @@ private static PgpPublicKey RemoveCert(PgpPublicKey	key, IUserDataPacket id, Pgp
             PgpPublicKey returnKey = new PgpPublicKey(key);
             bool found = false;
 
-            for (int i = 0; i < returnKey.ids.Count; i++)
+            for (int i = returnKey.ids.Count - 1; i >= 0; i--)
             {
                 if (id.Equals(returnKey.ids[i]))
                 {

crypto/src/pkcs/PrivateKeyInfoFactory.cs

@@ -253,13 +253,8 @@ public static PrivateKeyInfo CreatePrivateKeyInfo(AsymmetricKeyParameter private
                 if (seed != null)
                     return PrivateKeyInfo.Create(algID, new DerOctetString(seed), attributes, publicKey: null);
 
+                // NOTE: The public key can be derived from the private key
                 DerBitString publicKey = null;
-                MLDsaPublicKeyParameters mlDsaPubKey = mlDsaKey.GetPublicKey();
-                if (mlDsaPubKey != null)
-                {
-                    // TODO[pqc] Avoid redundant copies?
-                    publicKey = new DerBitString(publicKey.GetEncoded());
-                }
 
                 return PrivateKeyInfo.Create(algID, new DerOctetString(mlDsaKey.GetEncoded()), attributes, publicKey);
             }