Internet-Draft PQ Composite Keys October 2022
Ounsworth, et al. Expires 25 April 2023 [Page]
Workgroup:
LAMPS
Internet-Draft:
draft-ounsworth-pq-composite-keys-03
Published:
Intended Status:
Standards Track
Expires:
Authors:
M. Ounsworth
Entrust
M. Pala
CableLabs
J. Klaussner
D-Trust GmbH

Composite Public and Private Keys For Use In Internet PKI

Abstract

The migration to post-quantum cryptography is unique in the history of modern digital cryptography in that neither the old outgoing nor the new incoming algorithms are fully trusted to protect data for the required data lifetimes. The outgoing algorithms, such as RSA and elliptic curve, may fall to quantum cryptalanysis, while the incoming post-quantum algorithms face uncertainty about both the underlying mathematics as well as hardware and software implementations that have not had sufficient maturing time to rule out classical cryptanalytic attacks and implementation bugs.

Cautious implementors may wish to layer cryptographic algorithms such that an attacker would need to break all of them in order to compromise the data being protected using either a Post-Quantum / Traditional Hybrid, Post-Quantum / Post-Quantum Hybrid, or combinations thereof. This document, and its companions, defines a specific instantiation of hybrid paradigm called "composite" where multiple cryptographic algorithms are combined to form a single key, signature, or key encapsulation mechanism (KEM) such that they can be treated as a single atomic object at the protocol level.

This document defines the structures CompositePublicKey and CompositePrivateKey, which are sequences of the respective structure for each component algorithm. The generic composite variant is defined which allows arbitrary combinations of key types to be placed in the CompositePublicKey and CompositePrivateKey structures without needing the combination to be pre-registered or pre-agreed. The explicit variant is alxso defined which allows for a set of algorithm identifier OIDs to be registered together as an explicit composite algorithm and assigned an OID.

This document is intended to be coupled with corresponding documents that define the structure and semantics of composite signatures and encryption, such as [I-D.ounsworth-pq-composite-sigs] and [I-D.ounsworth-pq-composite-kem].

Status of This Memo

This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."

This Internet-Draft will expire on 25 April 2023.

Table of Contents

1. Changes in version -03

1.1. Terminology

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.

This document is consistent with all terminology from [I-D.driscoll-pqt-hybrid-terminology].

In addition, the following terms are used in this document:

BER: Basic Encoding Rules (BER) as defined in [X.690].

CLIENT: Any software that is making use of a cryptographic key. This includes a signer, verifier, encrypter, decrypter.

DER: Distinguished Encoding Rules as defined in [X.690].

PKI: Public Key Infrastructure, as defined in [RFC5280].

PUBLIC / PRIVATE KEY: The public and private portion of an asymmetric cryptographic key, making no assumptions about which algorithm.

2. Introduction

During the transition to post-quantum cryptography (PQ or PQC), there will be uncertainty as to the strength of cryptographic algorithms; we will no longer fully trust traditional cryptography such as RSA, Diffie-Hellman, DSA and their elliptic curve variants, but we may also not fully trust their post-quantum replacements until further time has passed to allow additional scrutiny and the discovery of implementation bugs. Unlike previous cryptographic algorithm migrations, the choice of when to migrate and which algorithms to migrate to, is not so clear. Even after the migration period, it may be advantageous for an entity's cryptographic identity to be composed of multiple public-key algorithms by using a Post-Quantum/Traditional (PQ/T) or Post-Quantum/Post-Quantum (PQ/PQ) Hybrid scheme.

The transition to PQC will face two challenges:

This document provides the composite mechanism, which is a specific instantiation of the PQ/T and PQ/PQ Hybrid paradigm to address algorithm strength uncertainty concerns by providing formats for encoding multiple public key and private key values into existing public key and private key fields. Backwards compatibility is not directly addressed via the composite mechanisms defined in the document, but some notes on how it can be obtained can be found in Section 5.2.

This document is intended for general applicability anywhere that keys are used within PKIX or CMS structures.

3. Composite Key Structures

In order to represent public keys and private keys that are composed of multiple algorithms, we define encodings consisting of a sequence of public key or private key primitives (aka "components") such that these structures can be used directly in existing public key fields such as those found in PKCS#10 [RFC2986], CMP [RFC4210], X.509 [RFC5280], CMS [RFC5652], and the Trust Anchor Format [RFC5914].

A composite key is a single key object that performs an atomic cryptographic operation -- such a signing, verifying, encapsulating, or decapsulating -- using its encapsulated sequence of component keys as if it was a single key. This generally means that the complexity of combining algorithms can be deferred from the protocol layer to the cryptographic library layer.

3.1. CompositePublicKey

Composite public key data is represented by the following structure:

CompositePublicKey ::= SEQUENCE SIZE (2..MAX) OF SubjectPublicKeyInfo

A composite key MUST contain at least two component public keys.

A CompositePublicKey MUST NOT contain a component public key which itself describes a composite key; i.e. recursive CompositePublicKeys are not allowed.

EDNOTE: unclear that banning recursive composite keys actually accomplishes anything other than a general reduction in complexity and therefore reduction in attack surface.

Each component SubjectPublicKeyInfo SHALL contain an AlgorithmIdentifier OID which identifies the public key type and parameters for the public key contained within it. See Section 4 for specific algorithms defined in this document.

Each element of a CompositePublicKey is a SubjectPublicKeyInfo object encoding a component public key. When the CompositePublicKey must be provided in octet string or bit string format, the data structure is encoded as specified in Section 3.3.

3.2. CompositePrivateKey

This section provides an encoding for composite private keys intended for PKIX protocols and other applications that require an interoperable format for transmitting private keys, such as PKCS #12 [RFC7292] or CMP / CRMF [RFC4210], [RFC4211]. It is not intended to dictate a storage format in implementations not requiring interoperability of private key formats.

In some cases the private keys that comprise a composite key may not be represented in a single structure or even be contained in a single cryptographic module. The establishment of correspondence between public keys in a CompositePublicKey and private keys not represented in a single composite structure is beyond the scope of this document.

The composite private key data is represented by the following structure:

CompositePrivateKey ::= SEQUENCE SIZE (2..MAX) OF OneAsymmetricKey

Each element is a OneAsymmetricKey [RFC5958] object for a component private key.

The parameters field MUST be absent.

A CompositePrivateKey MUST contain at least two component private keys, and they MUST be in the same order as in the corresponding CompositePublicKey.

EDNOTE: does this also need an explicit version? It would probably reduce attack surface of tricking a client into running the wrong parser and a given piece of data. ... maybe we get that for free if we use the explicit composite OIDs also for private keys?

3.2.1. Key Usage

For protocols such as X.509 [RFC5280] that specify key usage along with the public key, any key usage may be used with composite keys, with the requirement that the specified key usage MUST apply to all component keys. For example if a composite key is marked with a KeyUsage of digitalSignature, then all component keys MUST be capable of producing digital signatures. The composite mechanism MUST NOT be used to implement mixed-usage keys, for example, where a digitalSignature and a keyEncipherment key are combined together into a single composite key.

3.3. Encoding Rules

Many protocol specifications will require that the composite public key and composite private key data structures be represented by an octet string or bit string.

When an octet string is required, the DER encoding of the composite data structure SHALL be used directly.

CompositePublicKeyOs ::= OCTET STRING (CONTAINING CompositePublicKey ENCODED BY der)

EDNOTE: will this definition include an ASN.1 tag and length byte inside the OCTET STRING object? If so, that's probably an extra uneccessary layer.

When a bit string is required, the octets of the DER encoded composite data structure SHALL be used as the bits of the bit string, with the most significant bit of the first octet becoming the first bit, and so on, ending with the least significant bit of the last octet becoming the last bit of the bit string.

CompositePublicKeyBs ::= BIT STRING (CONTAINING CompositePublicKey ENCODED BY der)

EDNOTE: See this LAMPS mailist discussion about BIT STRING vs OCTET STRING for public keys. I think we have dodged the issue, but may we worth re-visiting. https://mailarchive.ietf.org/arch/msg/spasm/Gv-ACiOpYZfOM0AJEZUX1jIhVq0/

4. Algorithm Identifiers

This section defines the algorithm identifier for generic composite, as well as a framework for defining explicit combinations and a list of explicit composite algorithms covering a wide range of use cases. This section is not intended to be exhaustive and other authors may define others so long as they are compatible with the structures and processes defined in this and companion signature and encryption documents.

Some use-cases desire the flexibility for client to use any combination of supported algorithms, while others desire the rigidity of explicitly-specified combinations of algorithms.

4.1. id-composite-key (Generic Composite Keys)

Usage guidance: This mode is primarily for prototyping and for use in proprietary implementations; implementers MAY implement this section if there is a need for greater flexibility in algorithm combinations than is available by using the pre-defined composite algorithms defined below.

EDNOTE: Does the WG feel strongly that this section should be removed prior to publication by the RFC Editors? IE remove it entirely from the standard? Are there enduring (ie non-prototyping) usecases that benefit from generic composite?

The id-composite-key object identifier is used for identifying a generic composite public key and a generic composite private key. This allows arbitrary combinations of key types to be placed in the CompositePublicKey and CompositePrivateKey structures without needing the combination to be pre-registered or standardized.

id-composite-key OBJECT IDENTIFIER ::= {
    joint-iso-itu-t(2) country(16) us(840) organization(1) entrust(114027)
    Algorithm(80) Composite(4) CompositeKey(1) }

EDNOTE: this is a temporary OID for the purposes of prototyping. We are requesting IANA to assign a permanent OID, see Section 6.

The PUBLIC-KEY ASN.1 information object class is defined in [RFC5912]. The PUBLIC-KEY information object for generic (Section 4.1) and explicit (Section 4.2) composite public and private keys has the following form:

pk-Composite PUBLIC-KEY ::= {
    id id-composite-key
    KeyValue CompositePublicKey
    Params ARE ABSENT
    PrivateKey CompositePrivateKey
}

The motivation for this variant is primarily for prototyping work prior to the standardization of algorithm identifiers for explicit combinations of algorithms. However, the authors envision that this variant will remain relevant beyond full standardization for example in environments requiring very high levels of crypto agility, for example where clients support a large number of algorithms or where a large number of keys will be used at a time and it is therefore prohibitive to define algorithm identifiers for every combination of pairs, triples, quadruples, etc of algorithms.

4.2. Explicit Composite Signature Keys

This variant provides a rigid way of specifying supported combinations of key types.

The motivation for this variant is to make it easier to reference and enforce specific combinations of algorithms. The authors envision this being useful for client-server negotiated protocols, protocol designers who wish to place constraints on allowable algorithm combinations in the protocol specification, as well as audited environments that wish to prove that only certain combinations will be supported by clients.

Profiles need to define an explicit composite key type which consists of, at the minimum:

  • A new algorithm identifier OID for the explicit algorithm.
  • The PUBLIC-KEY information object of each component public key type.
  • The algorithm identifiers and parameters to be contained in each of the component SubjectPublicKeyInfos and OneAsymmetricKeys.

See Appendix A for guidance on creating and registering OIDs for specific explicit combinations.

In this variant, the public key is encoded as defined in Section 3 and Section 3.1, however the PUBLIC-KEY.id SHALL be an OID which is registered to represent a specific combination of component public key types. See Appendix B for examples.

The SubjectPublicKeyInfo.algorithm for each component key is redundant information which MUST match -- and can be inferred from -- the specification of the explicit algorithm. It has been left here for ease of implementation as the component SubjectPublicKeyInfo structures are the same between generic and explicit, as well as with single-algorithm keys. However, it introduces the risk of mismatch and leads to the following security consideration:

Security consideration: Implementations MUST check that the component AlgorithmIdentifier OIDs and parameters match those expected by the definition of the explicit algorithm. Implementations SHOULD first parse a component's SubjectPublicKeyInfo.algorithm, and ensure that it matches what is expected for that position in the explicit key, and then proceed to parse the SubjectPublicKeyInfo.subjectPublicKey. This is to reduce the attack surface associated with parsing the public key data of an unexpected key type, or worse; to parse and use a key which does not match the explicit algorithm definition. Similar checks MUST be done when handling the corresponding private key.

Below are provided a set of explicit composite algorithms which have been selected to fill a wide range of use cases, with algorithms selected to match security levels across a group. The selections include pairs of {lattice, ECC/RSA} which should cover most short-term use cases, and also {hash-based, ECC} pairs and {lattice, lattice, ECC/RSA} triples for long-term use cases. Usage guidance is provided for each explicit combination.

The algorithm set provided here is not intended to be exhaustive; additional use cases and cryptographic advances may require additional combinations to be defined in other documents by using the mechanim provided in Appendix A.

4.2.1. id-Dilithium3-ECDSA-P256

Usage guidance: This signature key type is intended to be the standard composite signature, applicable for most use cases.

The following object identifier is defined:

id-Dilithium3-ECDSA-P256 OBJECT IDENTIFIER ::= {
  joint-iso-itu-t(2) country(16) us(840) organization(1) entrust(114027)
  algorithm(80) ExplicitCompositeKey(5) id-Dilithium3-ECDSA-P256(1) }

EDNOTE: this is a temporary OID for the purposes of prototyping. We are requesting IANA to assign a permanent OID, see Section 6.

When used in an AlgorithmIdentifier, parameters SHALL be ABSENT.

The PUBLIC-KEY SHALL be:

pk-Dilithium3-ECDSA-P256 PUBLIC-KEY ::= {
    id id-Dilithium3-ECDSA-P256
    KeyValue CompositePublicKey
    Params ARE ABSENT
    PrivateKey CompositePrivateKey
}

--- BEGIN EDNOTE ---

EDNOTE: design decision needed: should it be CompositePublicKey and CompositePrivateKey, or should we define Dilithium3-ECDSA-P256-PublicKey and Dilithium3-ECDSA-P256-PrivateKey for each explicit type?

Pros of a *-PublicKey for each explicit composite type: 1) the ASN.1 parser will do some of the heavy-lifting of checking that types match (but how much is up for debate..). 2) can further compress the encoding by removing the redundant inner component OIDs.

Pros of CompositePublicKey (ie carrying full SPKIs for each component): 1) it becomes harder to write abstract code that takes advantange of the fact that all composite explicit types have the same wire encoding structure because each will have an independantly defined structure object. 2) The wire encoding carries a full SPKI, so for crypto libraries that require an SPKI for each component alg, clients need to reconstruct a full SPKI, including reconstituting the components OIDs, which needs the client to have a mapping table of explicit composite OIDs to component OIDs.

--- END EDNOTE ---

The public key encoding is defined in Section 3.1 for id-Dilithium3-ECDSA-P256 SHALL have SIZE (2):

CompositePublicKey ::= SEQUENCE SIZE (2) OF SubjectPublicKeyInfo

The first SubjectPublicKeyInfo (defined in [RFC5280]) SHALL contain:

SEQUENCE  {
     algorithm  AlgorithmIdentifier {
          algorithm id-dilithiumTBD,
          paramaters ABSENT
      },
     subjectPublicKey     BIT STRING(DilithiumPublicKey)
}

where pk-dilithiumTBD and TBDDilithiumPublicKey are defined in [I-D.massimo-lamps-pq-sig-certificates].

TODO: I don't think subjectPublicKey BIT STRING(DilithiumPublicKey) is correct ASN.1.

EDNOTE: pk-dilithiumTBD and TBDPublicKey refer to [I-D.massimo-lamps-pq-sig-certificates] and should be kept in sync with future versions of that draft.

The second SubjectPublicKeyInfo SHALL contain:

SEQUENCE  {
     algorithm  AlgorithmIdentifier {
            algorithm id-ecPublicKey,
            parameters secp256r1
      },
     subjectPublicKey     BIT STRING(ECPoint)
}

where id-ecPublicKey, secp256r1, and ECPoint are defined in [RFC5912].

The private key encoding is defined in Section 3.2, and for id-Dilithium3-ECDSA-P256 SHALL have SIZE (2):

CompositePrivateKey ::= SEQUENCE SIZE (2) OF OneAsymmetricKey

The first OneAsymmetricKey, defined in [RFC5958] SHALL contain

privateKeyAlgorithm AlgorithmIdentifier ::= {
    algorithm id-dilithiumTBD,
    parameters ABSENT
  },
privateKey DilithiumPrivateKey

where id-dilithiumTBD and DilithiumPrivateKey are defined in [I-D.massimo-lamps-pq-sig-certificates].

The publicKey remains OPTIONAL.

The second OneAsymmetricKey SHALL contain

privateKeyAlgorithm AlgorithmIdentifier ::= {
    algorithm id-ecPublicKey,
    parameters secp256r1
  },
privateKey ECPrivateKey

where ECPrivateKey is defined in [RFC5480].

The publicKey remains OPTIONAL.

4.2.2. id-Dilithium3-RSA

Usage guidance: This signature key type is intended to be the standard composite signature for environments that support RSA but not elliptic curve.

The following object identifier is defined:

id-Dilithium3-RSA OBJECT IDENTIFIER ::= {
  joint-iso-itu-t(2) country(16) us(840) organization(1) entrust(114027)
  algorithm(80) ExplicitCompositeKey(5) id-Dilithium3-RSA(2) }

EDNOTE: this is a temporary OID for the purposes of prototyping. We are requesting IANA to assign a permanent OID, see Section 6.

When used in an AlgorithmIdentifier, parameters SHALL be ABSENT.

The PUBLIC-KEY SHALL be:

pk-Dilithium3-ECDSA-P256 PUBLIC-KEY ::= {
    id id-Dilithium3-RSA
    KeyValue CompositePublicKey
    Params ARE ABSENT
    PrivateKey CompositePrivateKey
}

--- BEGIN EDNOTE ---

EDNOTE: design decision needed: should it be CompositePublicKey + CompositePrivateKey, or should we define *-PublicKey and *-PrivateKey for each explicit type?

Pros of a *-PublicKey for each explicit composite type: 1) the ASN.1 parser will do some of the heavy-lifting of checking that types match (but how much is up for debate..). 2) can further compress the encoding by removing the redundant inner component OIDs.

Pros of CompositePublicKey (ie carrying full SPKIs for each component): 1) it becomes harder to write abstract code that takes advantange of the fact that all composite explicit types have the same wire encoding structure because each will have an independantly defined structure object. 2) The wire encoding carries a full SPKI, so for crypto libraries that require an SPKI for each component alg, clients need to reconstruct a full SPKI, including reconstituting the components OIDs, which needs the client to have a mapping table of explicit composite OIDs to component OIDs.

--- END EDNOTE ---

The public key encoding is defined in Section 3.1 for id-Dilithium3-ECDSA-P256 SHALL have SIZE (2):

CompositePublicKey ::= SEQUENCE SIZE (2) OF SubjectPublicKeyInfo

The first SubjectPublicKeyInfo (defined in [RFC5280]) SHALL contain:

SEQUENCE  {
     algorithm  AlgorithmIdentifier {
          algorithm id-dilithiumTBD,
          paramaters ABSENT
      },
     subjectPublicKey     BIT STRING(DilithiumPublicKey)
}

where pk-dilithiumTBD and TBDDilithiumPublicKey are defined in [I-D.massimo-lamps-pq-sig-certificates].

TODO: I don't think subjectPublicKey BIT STRING(DilithiumPublicKey) is correct ASN.1.

EDNOTE: pk-dilithiumTBD and TBDPublicKey refer to [I-D.massimo-lamps-pq-sig-certificates] and should be kept in sync with future versions of that draft.

The second SubjectPublicKeyInfo SHALL contain:

SEQUENCE  {
     algorithm  AlgorithmIdentifier {
            algorithm rsaEncryption,
            parameters NULL
      },
     subjectPublicKey     BIT STRING(RSAPublicKey)
}

where rsaEncryption and RSAPublicKey are defined in [RFC8017].

The private key encoding is defined in Section 3.2, and for id-Dilithium3-ECDSA-P256 SHALL have SIZE (2):

CompositePrivateKey ::= SEQUENCE SIZE (2) OF OneAsymmetricKey

The first OneAsymmetricKey, defined in [RFC5958] SHALL contain

privateKeyAlgorithm AlgorithmIdentifier ::= {
    algorithm id-dilithiumTBD,
    parameters ABSENT
  },
privateKey DilithiumPrivateKey

The publicKey remains OPTIONAL.

The second OneAsymmetricKey SHALL contain

privateKeyAlgorithm AlgorithmIdentifier ::= {
    algorithm id-ecPublicKey,
    parameters secp256r1
  },
privateKey ECPrivateKey

where ECPrivateKey is defined in [RFC5480].

The publicKey remains OPTIONAL.

4.2.3. id-Falcon512-ECDSA-P256

Usage guidance: This signature key type is intended for constrained environments that need to use FIPS-approved elliptic curve.

TODO: fill in details.

4.2.4. id-Falcon512-Ed25519

Usage guidance: This signature key type is intended for constrained environments that may use non-FIPS-approved elliptic curve.

TODO: fill in details.

4.2.5. id-SPHINCSsha256256frobust-ECDSA-P256

Usage guidance: This signature key type is intended for long-term keys that desire the robustness to algorithmic attacks that comes from stateless hash-based signatures as well as the robustness to implementation bugs that comes from coupling with mature ECDSA implementations.

TODO: fill in details.

4.2.6. id-Dilithium5-Falcon1024-ECDSA-P521

Usage guidance: This signature key type is intended for long-term keys that desire robustness to the break of a given lattice-based scheme, but also desire smaller signatures than stateless hash-based signatures.

Note that this still has smaller pubkey + sig than SPHINCS+. TODO: fill in numbers.

TODO: fill in details.

4.2.7. id-Dilithium5-Falcon1024-RSA

Usage guidance: This signature key type is intended for long-term keys that desire robustness to the break of a given lattice-based scheme for environments that support RSA but not elliptic curve, but also desire smaller signatures than stateless hash-based signatures.

Note that this still has smaller pubkey + sig than SPHINCS+. TODO: fill in numbers.

TODO: fill in details.

5. Implementation Considerations

This section addresses practical issues of how this draft affects other protocols and standards.

EDNOTE 10: Possible topics to address:

5.1. Textual encoding of Composite Private Keys

CompositePrivateKeys can be encoded to the Privacy-Enhanced Mail (PEM) [RFC1421] format by placing a CompositePrivateKey into the privateKey field of a PrivateKeyInfo or OneAsymmetricKey object, and then applying the PEM encoding rules as defined in [RFC7468] section 10 and 11 for plaintext and encrypted private keys, respectively.

5.2. Backwards Compatibility

As noted in the introduction, the post-quantum cryptographic migration will face challenges in both ensuring cryptographic strength against adversaries of unknown capabilities, as well as providing ease of migration. The composite mechanisms defined in this document primarily address cryptographic strength, however this section contains notes on how backwards compatibility may be obtained.

The term "ease of migration" is used here to mean that existing systems can be gracefully transitioned to the new technology without requiring large service disruptions or expensive upgrades. The term "backwards compatibility" is used here to mean something more specific; that existing systems, as they are deployed today, can interoperate with the upgraded systems of the future.

These migration and interoperability concerns need to be thought about in the context of various types of protocols that make use of X.509 and PKIX with relation to public key objects, from online negotiated protocols such as TLS 1.3 [RFC8446] and IKEv2 [RFC7296], to non-negotiated asynchronous protocols such as S/MIME signed and encrypted email [RFC8551], document signing such as in the context of the European eIDAS regulations [eIDAS2014], and publicly trusted code signing [codeSigningBRsv2.8], as well as myriad other standardized and proprietary protocols and applications that leverage CMS [RFC5652] signed or encrypted structures.

5.2.1. OR modes

This document purposefully does not specify how clients are to combine component keys together to form a single cryptographic operation; this is left up to the specifications of signature and encryption algorithms that make use of the composite key type. One possible way to combine component keys is through an OR relation, or OR-like client policies for acceptable algorithm combinations, where senders and / or receivers are permitted to ignore some component keys. Some envisioned uses of this include environments where the client encounters a component key for which it does not possess a compatible algorithm implementation but wishes to proceed with the cryptographic operation using the subset of component keys for which it does have compatible implementations. Such a mechanism could be designed to provide ease of migration by allowing for composite keys to be distributed and used before all clients in the environment are fully upgraded, but it does not allow for full backwards compatibility since clients would at least need to be upgraded from their current state to be able to parse the composite structures.

5.2.2. Parallel PKIs

We present the term "Parallel PKI" to refer to the setup where a PKI end entity possesses two or more distinct public keys or certificates for the same key type (signature, key establishment, etc) for the same identity (name, SAN), but containing keys for different cryptographic algorithms. One could imagine a set of parallel PKIs where an existing PKI using legacy algorithms (RSA, ECC) is left operational during the post-quantum migration but is shadowed by one or more parallel PKIs using pure post quantum algorithms or composite algorithms (legacy and post-quantum). This concept contains strong overlap with other documented approaches, such as [I-D.becker-guthrie-noncomposite-hybrid-auth] and highlights the synergy between composite and non-composite hybrid approaches.

Equipped with a set of parallel public keys in this way, a client would have the flexibility to choose which public key(s) or certificate(s) to use in a given cryptographic operation.

For negotiated protocols, the client could choose which public key(s) or certificate(s) to use based on the negotiated algorithms, or could combine two of the public keys for example in a non-composite hybrid method such as [I-D.becker-guthrie-noncomposite-hybrid-auth] or [I-D.guthrie-ipsecme-ikev2-hybrid-auth]. Note that it is possible to use the signature algorithm defined in [I-D.ounsworth-pq-composite-sigs] as a way to carry the multiple signature values generated by a non-composite public mechanism in protocols where it is easier to support the composite signature algorithms than to implement such a mechanism in the protocol itself. There is also nothing precluding a composite public key from being one of the components used within a non-composite authentication operation; this may lead to greater convenience in setting up parallel PKI hierarchies that need to service a range of clients implementing different styles of post-quantum migration strategies.

For non-negotiated protocols, the details for obtaining backwards compatibility will vary by protocol, but for example in CMS [RFC5652], the inclusion of multiple SignerInfo or RecipientInfo objects is often already treated as an OR relationship, so including one for each of the end entity's parallel PKI public keys would, in many cases, have the desired effect of allowing the receiver to choose one they are compatible with and ignore the others, thus achieving full backwards compatibility.

6. IANA Considerations

This document registers the following in the SMI "Security for PKIX Algorithms (1.3.6.1.5.5.7.6)" registry:

id-composite-key OBJECT IDENTIFIER ::= {
    iso(1) identified-organization(3) dod(6) internet(1) security(5)
    mechanisms(5) pkix(7) algorithms(6) id-composite-key(??) }

7. Security Considerations

7.1. Reuse of keys in a Composite public key

There is an additional security consideration that some use cases such as signatures remain secure against downgrade attacks if and only if component keys are never used outside of their composite context and therefore it is RECOMMENDED that component keys in a composite key are not to be re-used in other contexts. In particular, the components of a composite key SHOULD NOT also appear in single-key certificates. This is particularly relevant for protocols that use composite keys in a logical AND mode since the appearance of the same component keys in single-key contexts undermines the binding of the component keys into a single composite key by allowing messages signed in a multi-key AND mode to be presented as if they were signed in a single key mode in what is known as a "stripping attack".

7.2. Key mismatch in explicit composite

This security consideration copied from Section 4.2.

Implementations MUST check that that the component AlgorithmIdentifier OIDs and parameters match those expected by the definition of the explicit algorithm. Implementations SHOULD first parse a component's SubjectPublicKeyInfo.algorithm, and ensure that it matches what is expected for that position in the explicit key, and then proceed to parse the SubjectPublicKeyInfo.subjectPublicKey. This is to reduce the attack surface associated with parsing the public key data of an unexpected key type, or worse; to parse and use a key which does not match the explicit algorithm definition. Similar checks MUST be done when handling the corresponding private key.

7.3. Policy for Deprecated and Acceptable Algorithms

Traditionally, a public key, certificate, or signature contains a single cryptographic algorithm. If and when an algorithm becomes deprecated (for example, RSA-512, or SHA1), it is obvious that clients performing signature verification or encryption operations should be updated to fail to validate or refuse to encrypt for these algorithms.

In the composite model this is less obvious since implementers may decide that certain cryptographic algorithms have complementary security properties and are acceptable in combination even though one or both algorithms are deprecated for individual use. As such, a single composite public key, certificate, signature, or ciphertext MAY contain a mixture of deprecated and non-deprecated algorithms.

Specifying behaviour in these cases is beyond the scope of this document, but should be considered by implementers and potentially in additional standards.

EDNOTE: Max had proposed a CRL mechanism to accomplish this, which could be revived if necessary.

7.4. Protection of Private Keys

Structures described in this document do not protect private keys in any way unless combined with a security protocol or encryption properties of the objects (if any) where the CompositePrivateKey is used.

Protection of the private keys is vital to public key cryptography. The consequences of disclosure depend on the purpose of the private key. If a private key is used for signature, then the disclosure allows unauthorized signing. If a private key is used for key management, then disclosure allows unauthorized parties to access the managed keying material. The encryption algorithm used in the encryption process must be at least as 'strong' as the key it is protecting.

7.5. Checking for Compromised Key Reuse

Certification Authority (CA) implementations need to be careful when checking for compromised key reuse, for example as required by WebTrust regulations; when checking for compromised keys, you MUST unpack the CompositePublicKey structure and compare individual component keys. In other words, for the purposes of key reuse checks, the composite public key structures need to be un-packed so that primitive keys are being compared. For example if the composite key {RSA1, PQ1} is revoked for key compromise, then the keys RSA1 and PQ1 need to be individually considered revoked. If the composite key {RSA1, PQ2} is submitted for certification, it SHOULD be rejected because the key RSA1 was previously declared compromised even though the key PQ2 is unique.

8. References

8.1. Normative References

[I-D.massimo-lamps-pq-sig-certificates]
Massimo, J., Kampanakis, P., Turner, S., and B. Westerbaan, "Algorithms and Identifiers for Post-Quantum Algorithms", Work in Progress, Internet-Draft, draft-massimo-lamps-pq-sig-certificates-00, , <https://www.ietf.org/archive/id/draft-massimo-lamps-pq-sig-certificates-00.txt>.
[I-D.ounsworth-pq-composite-kem]
Ounsworth, M. and J. Gray, "Composite KEM For Use In Internet PKI", Work in Progress, Internet-Draft, draft-ounsworth-pq-composite-kem-00, , <https://www.ietf.org/archive/id/draft-ounsworth-pq-composite-kem-00.txt>.
[I-D.ounsworth-pq-composite-sigs]
Ounsworth, M. and M. Pala, "Composite Signatures For Use In Internet PKI", Work in Progress, Internet-Draft, draft-ounsworth-pq-composite-sigs-05, , <https://www.ietf.org/archive/id/draft-ounsworth-pq-composite-sigs-05.txt>.
[RFC1421]
Linn, J., "Privacy Enhancement for Internet Electronic Mail: Part I: Message Encryption and Authentication Procedures", RFC 1421, DOI 10.17487/RFC1421, , <https://www.rfc-editor.org/info/rfc1421>.
[RFC2119]
Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, , <https://www.rfc-editor.org/info/rfc2119>.
[RFC2986]
Nystrom, M. and B. Kaliski, "PKCS #10: Certification Request Syntax Specification Version 1.7", RFC 2986, DOI 10.17487/RFC2986, , <https://www.rfc-editor.org/info/rfc2986>.
[RFC5280]
Cooper, D., Santesson, S., Farrell, S., Boeyen, S., Housley, R., and W. Polk, "Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, , <https://www.rfc-editor.org/info/rfc5280>.
[RFC5480]
Turner, S., Brown, D., Yiu, K., Housley, R., and T. Polk, "Elliptic Curve Cryptography Subject Public Key Information", RFC 5480, DOI 10.17487/RFC5480, , <https://www.rfc-editor.org/info/rfc5480>.
[RFC5652]
Housley, R., "Cryptographic Message Syntax (CMS)", STD 70, RFC 5652, DOI 10.17487/RFC5652, , <https://www.rfc-editor.org/info/rfc5652>.
[RFC5912]
Hoffman, P. and J. Schaad, "New ASN.1 Modules for the Public Key Infrastructure Using X.509 (PKIX)", RFC 5912, DOI 10.17487/RFC5912, , <https://www.rfc-editor.org/info/rfc5912>.
[RFC5914]
Housley, R., Ashmore, S., and C. Wallace, "Trust Anchor Format", RFC 5914, DOI 10.17487/RFC5914, , <https://www.rfc-editor.org/info/rfc5914>.
[RFC5915]
Turner, S. and D. Brown, "Elliptic Curve Private Key Structure", RFC 5915, DOI 10.17487/RFC5915, , <https://www.rfc-editor.org/info/rfc5915>.
[RFC5958]
Turner, S., "Asymmetric Key Packages", RFC 5958, DOI 10.17487/RFC5958, , <https://www.rfc-editor.org/info/rfc5958>.
[RFC7468]
Josefsson, S. and S. Leonard, "Textual Encodings of PKIX, PKCS, and CMS Structures", RFC 7468, DOI 10.17487/RFC7468, , <https://www.rfc-editor.org/info/rfc7468>.
[RFC8017]
Moriarty, K., Ed., Kaliski, B., Jonsson, J., and A. Rusch, "PKCS #1: RSA Cryptography Specifications Version 2.2", RFC 8017, DOI 10.17487/RFC8017, , <https://www.rfc-editor.org/info/rfc8017>.
[RFC8174]
Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, , <https://www.rfc-editor.org/info/rfc8174>.
[RFC8411]
Schaad, J. and R. Andrews, "IANA Registration for the Cryptographic Algorithm Object Identifier Range", RFC 8411, DOI 10.17487/RFC8411, , <https://www.rfc-editor.org/info/rfc8411>.
[X.690]
ITU-T, "Information technology - ASN.1 encoding Rules: Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER)", ISO/IEC 8825-1:2015, .

8.2. Informative References

[Beullens2022]
Beullens, W., "Breaking rainbow takes a weekend on a laptop.", , <https://eprint.iacr.org/2022/214>.
[Bindel2017]
Bindel, N., Herath, U., McKague, M., and D. Stebila, "Transitioning to a quantum-resistant public key infrastructure", , <https://link.springer.com/chapter/10.1007/978-3-319-59879-6_22>.
[Bleichenbacher1998]
Bleichenbacher, D., "Chosen ciphertext attacks against protocols based on the RSA encryption standard PKCS# 1.", .
[Castryck2022]
Castryck, W. and T. Decru, "An efficient key recovery attack on SIDH (preliminary version).", , <https://eprint.iacr.org/2022/975.pdf>.
[codeSigningBRsv2.8]
CAB Forum, "Baseline Requirements for the Issuance and Management of Publicly-Trusted Code Signing Certificates v2.8", , <https://cabforum.org/wp-content/uploads/Baseline-Requirements-for-the-Issuance-and-Management-of-Code-Signing.v2.8.pdf>.
[eIDAS2014]
"REGULATION (EU) No 910/2014 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC", , <https://ec.europa.eu/futurium/en/system/files/ged/eidas_regulation.pdf>.
[I-D.becker-guthrie-noncomposite-hybrid-auth]
Becker, A., Guthrie, R., and M. Jenkins, "Non-Composite Hybrid Authentication in PKIX and Applications to Internet Protocols", Work in Progress, Internet-Draft, draft-becker-guthrie-noncomposite-hybrid-auth-00, , <https://www.ietf.org/archive/id/draft-becker-guthrie-noncomposite-hybrid-auth-00.txt>.
[I-D.driscoll-pqt-hybrid-terminology]
D, F., "Terminology for Post-Quantum Traditional Hybrid Schemes", Work in Progress, Internet-Draft, draft-driscoll-pqt-hybrid-terminology-01, , <https://www.ietf.org/archive/id/draft-driscoll-pqt-hybrid-terminology-01.txt>.
[I-D.guthrie-ipsecme-ikev2-hybrid-auth]
Guthrie, R., "Hybrid Non-Composite Authentication in IKEv2", Work in Progress, Internet-Draft, draft-guthrie-ipsecme-ikev2-hybrid-auth-00, , <https://www.ietf.org/archive/id/draft-guthrie-ipsecme-ikev2-hybrid-auth-00.txt>.
[Mosca2015]
Mosca, M., "Cybersecurity in a Quantum World: will we be ready?", , <https://csrc.nist.gov/csrc/media/events/workshop-on-cybersecurity-in-a-post-quantum-world/documents/presentations/session8-mosca-michele.pdf>.
[RFC3279]
Bassham, L., Polk, W., and R. Housley, "Algorithms and Identifiers for the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile", RFC 3279, DOI 10.17487/RFC3279, , <https://www.rfc-editor.org/info/rfc3279>.
[RFC4210]
Adams, C., Farrell, S., Kause, T., and T. Mononen, "Internet X.509 Public Key Infrastructure Certificate Management Protocol (CMP)", RFC 4210, DOI 10.17487/RFC4210, , <https://www.rfc-editor.org/info/rfc4210>.
[RFC4211]
Schaad, J., "Internet X.509 Public Key Infrastructure Certificate Request Message Format (CRMF)", RFC 4211, DOI 10.17487/RFC4211, , <https://www.rfc-editor.org/info/rfc4211>.
[RFC7292]
Moriarty, K., Ed., Nystrom, M., Parkinson, S., Rusch, A., and M. Scott, "PKCS #12: Personal Information Exchange Syntax v1.1", RFC 7292, DOI 10.17487/RFC7292, , <https://www.rfc-editor.org/info/rfc7292>.
[RFC7296]
Kaufman, C., Hoffman, P., Nir, Y., Eronen, P., and T. Kivinen, "Internet Key Exchange Protocol Version 2 (IKEv2)", STD 79, RFC 7296, DOI 10.17487/RFC7296, , <https://www.rfc-editor.org/info/rfc7296>.
[RFC8446]
Rescorla, E., "The Transport Layer Security (TLS) Protocol Version 1.3", RFC 8446, DOI 10.17487/RFC8446, , <https://www.rfc-editor.org/info/rfc8446>.
[RFC8551]
Schaad, J., Ramsdell, B., and S. Turner, "Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 4.0 Message Specification", RFC 8551, DOI 10.17487/RFC8551, , <https://www.rfc-editor.org/info/rfc8551>.
[ROBOT2018]
Boeck, H., Somorovsky, J., and C. Young, "Return Of {Bleichenbacher's} Oracle Threat (ROBOT).", , <https://www.usenix.org/conference/usenixsecurity18/presentation/bock>.

Appendix A. Creating explicit combinations

The following ASN.1 Information Objects may be useful in defining and parsing explicit pairs of public key types. Given an ASN.1 2002 compliant ASN.1 compiler, these Information Objects will enforce the binding between the public key types specified in the instantiation of pk-explicitComposite, and the wire objects which implement it. The one thing that is not enforced automatically by this Information Object is that publicKey.params are intended to be absent if and only if they are absent for the declared public key type. This ASN.1 module declares them OPTIONAL and leaves it to implementers to perform this check explicitly.

EDNOTE this ASN.1 needs to change. The current definition doesn't put a component AlgorithmIdentifier with each component key. Once we agree as a group that the text accurately describes what we want, we can spend a bit of time figuring out if the ASN.1 machinery lets us express it in a readable way and/or a way that will actually help people creating explicit pairs.

-- pk-explicitComposite - Composite public key information object

pk-explicitComposite{OBJECT IDENTIFIER:id, PUBLIC-KEY:firstPublicKey,
 FirstPublicKeyType, PUBLIC-KEY:secondPublicKey, SecondPublicKeyType}
 PUBLIC-KEY ::= {PUBLIC-KEYPUBLIC-KEY
    IDENTIFIER id
    KEY ExplicitCompositePublicKey{firstPublicKey, FirstPublicKeyType,
     secondPublicKey, SecondPublicKeyType}
    PARAMS ARE absent
    CERT-KEY-USAGE {digitalSignature, nonRepudiation, keyCertSign,
      cRLSign}
}

The following ASN.1 object class then automatically generates the public key structure from the types defined in pk-explicitComposite.

-- ExplicitCompositePublicKey - The data structure for a composite
-- public key sec-composite-pub-keys and SecondPublicKeyType are needed
-- because PUBLIC-KEY contains a set of public key types, not a single
-- type.
-- TODO The parameters should be optional only if they are marked
-- optional in the PUBLIC-KEY.


ExplicitCompositePublicKey{PUBLIC-KEY:firstPublicKey, FirstPublicKeyType,
  PUBLIC-KEY:secondPublicKey, SecondPublicKeyType} ::= SEQUENCE {
    firstPublicKey SEQUENCE {
        params firstPublicKey.&Params OPTIONAL,
        publicKey FirstPublicKeyType
    },
    secondPublicKey SEQUENCE {
        params secondPublicKey.&Params OPTIONAL,
        publicKey SecondPublicKeyType
    }
}

Using this module, it becomes trivial to define explicit pairs. For an example, see Appendix B.2.

To define explicit triples, quadruples, etc, these Information Objects can be extended to have thirdPublicKey, fourthPublicKey, etc throughout.

Appendix B. Examples

These samples are reproduced here for completeness, but are also available in github:

https://github.com/EntrustCorporation/draft-ounsworth-pq-composite-keys/tree/master/sampledata

B.1. Generic Composite Public Key Examples

This is an example generic composite public key

-----BEGIN PUBLIC KEY-----
MIIBmDAMBgpghkgBhvprUAQBA4IBhgAwggGBMFkwEwYHKoZIzj0CAQYIKoZIzj0D
AQcDQgAExGPhrnuSG/fGyw1FN+l5h4p4AGRQCS0LBXnBO+djhcI6qnF2TvrQEaIY
GGpQT5wHS+7y5iJJ+dE5qjxcv8loRDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
AQoCggEBANsVQK1fcLQObL4ZYtczWbObECAFSsng0OLpRTPr9VGV3SsS/VoMRZqX
F+sszz6I2UcFTaMF9CwNRbWLuIBczzuhbHSjn65OuoN+Om2wsPo+okw46RTekB4a
d9QQvYRVzPlILUQ8NvZ4W0BKLviXTXWIggjtp/Y1pKRHKz8n35J6OmFWz4TKGNth
n87D28kmdwQYH5NLsDePHbfdw3AyLrPvQLlQw/hRPz/9Txf7yi9Djg9HtJ88ES6+
ZbfE1ZHxLYLSDt25tSL8A2pMuGMD3P81nYWO+gJ0vYV2WcRpXHRkjmliGqiCg4eB
mC4//tm0J4r9Ll8b/pp6xyOMI7jppVUCAwEAAQ==
-----END PUBLIC KEY-----

which decodes as:

algorithm: AlgorithmIdentifier{id-composite-key}

subjectPublicKey: CompositePublicKey {
  SubjectPublicKeyInfo {
    algorithm: AlgorithmIdentifier {
      algorithm: ecPublicKey
      parameters: prime256v1
      }
    subjectPublicKey: <ec key octet string>
    },
    SubjectPublicKeyInfo {
    algorithm: AlgorithmIdentifier {
      algorithm: rsaEncryption
      parameters: NULL
      }
    subjectPublicKey: <rsa key octet string>
    }
  }

The corresponding explicit private key is as follows. Note that the PQ key comes from OpenQuantumSafe-openssl and is in the {privatekey || publickey} concatenated format. This may cause interoperability issues with some clients, and also makes the private keys appear larger than they would be if generated by a non-openssl client.

-----BEGIN PRIVATE KEY-----
MIIFHgIBADAMBgpghkgBhvprUAQBBIIFCTCCBQUwQQIBADATBgcqhkjOPQIBBggq
hkjOPQMBBwQnMCUCAQEEICN0ihCcgg5n8ALtk9tkQZqg/WLEm5NefMi/kdN06Z9u
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDbFUCtX3C0Dmy+
GWLXM1mzmxAgBUrJ4NDi6UUz6/VRld0rEv1aDEWalxfrLM8+iNlHBU2jBfQsDUW1
i7iAXM87oWx0o5+uTrqDfjptsLD6PqJMOOkU3pAeGnfUEL2EVcz5SC1EPDb2eFtA
Si74l011iIII7af2NaSkRys/J9+SejphVs+EyhjbYZ/Ow9vJJncEGB+TS7A3jx23
3cNwMi6z70C5UMP4UT8//U8X+8ovQ44PR7SfPBEuvmW3xNWR8S2C0g7dubUi/ANq
TLhjA9z/NZ2FjvoCdL2FdlnEaVx0ZI5pYhqogoOHgZguP/7ZtCeK/S5fG/6aescj
jCO46aVVAgMBAAECggEAFtT6LpdZuYofTxh6Mo9Jc+xfG9cxWiSx4FQLQEQBBwWl
TQ3nlXDd+CRy+7Fpz8yXSE2HL8w5DDY945OyIL6LYl2KXgWHaLUPvxByqmfVqd7J
L0RnFiOzxU9g2Zr9BUOj3v7kqM3VtI4KhIK2rnWmPu+BDckmzgP9Kpm4KhbPuAYP
iqUZSkxpSUsd5ALLsk9b0xjR7UEYkEpV2/vORwieEhOmPLzuXh+Px0yavkazT/vU
+h/rDSoLQn7v4fVsQgNdOaaOG/gHemGuuiLPJJlX5ZZ6mmsIaEjz+MNk0aJDH2po
KbAr4B709dTsnYgv7YtkEfSyOeMEdhMiswI1c9FpwQKBgQD6kdHmHCoeWNNvlqxU
v57e7ZDAXDA6WcfrypcsF0l72rI3J8oOPmFaNaCmwIH/Icz+Zy7fr2IYxVjyDjCa
zi8qTnj2ZNds71hUYOcq60u0TcSVrtocA4HW7NoWJqK5thNlNaa1M358cYBopGoN
ocS9yf10q2MBZtpF0fc5PbFf+QKBgQDf1L4cezoebbNTaN4KoapycHXxKozP2GwI
r15YRYjt0ZpHstdUPABQuwlL9CuL+5Q17VRiM81cUVNfFsBzKIXYb/PBC5UD+DmR
qGlT6v6uUWY6jifUgEjfyPxO0oJ3M6cChHR/TvpkT5SyaEwHpIH7IeXbMFcS5m4G
mSNBECO/PQKBgCD0CoHT1Go3Tl9PloxywwcYgT/7H9CcvCEzfJws19o1EdkVH4qu
A4mkoeMsUCxompgeo9iBLUqKsb7rxNKnKSbMOTZWXsqR07ENKXnIhiVJUQBKhZ7H
i0zjy268WAxKeNSHsMwF4K2nE7cvYE84pjI7nVy5qYSmrTAfg/8AMRKpAoGBAN/G
wN6WsE9Vm5BLapo0cMUC/FdFFAyEMdYpBei4dCJXiKgf+7miVypfI/dEwPitZ8rW
YKPhaHHgeLq7c2JuZAo0Ov2IR831MBEYz1zvtvmuNcda8iU4sCLTvLRNL9Re1pzk
sdfJrPn2uhH3xfNqG+1oQXZ3CMbDi8Ka/a0Bpst9AoGBAPR4p6WN0aoZlosyT6NI
4mqzNvLE4KBasmfoMmTJih7qCP3X4pqdgiI0SjsQQG/+utHLoJARwzhWHOZf1JKk
D8lSJH02cp/Znrjn5wPpfYKLphJBiKSPwyIjuFwcR1ck84ONeYq421NDqf7lXbvx
oMqjTPagXUpzHvwluDjtSi8+
-----END PRIVATE KEY-----

which decodes as:

algorithm: AlgorithmIdentifier{id-composite-key}

SEQUENCE {
  OneAsymmetricKey {
      version: 0,
      privateKeyAlgorithm: PrivateKeyAlgorithmIdentifier{
        algorithm: ecPublicKey
        parameters: prime256v1
      }
      privateKey: <ec key octet string>
    },
  OneAsymmetricKey {
      version: 0,
      privateKeyAlgorithm: PrivateKeyAlgorithmIdentifier{
        algorithm: rseEncryption
        parameters: NULL
      }
      privateKey: <rsa key octet string>
    }
  }

B.2. Explicit Composite Public Key Examples

B.2.1. pk-example-ECandRSA

Assume that the following is a defined explicit pair:

id-pk-example-ECandRSA OBJECT IDENTIFIER ::= { 1 2 3 4 }

pk-example-ECandRSA PUBLIC-KEY ::= pk-explicitComposite{
    id-pk-example-ECandRSA,
    ecPublicKey,
    pk-ec,
    rsaEncryption,
    pk-rsa,
}

Then the same key as above could be encoded as an explicit composite public key as:

-----BEGIN PUBLIC KEY-----
MIIBkTAFBgMqAwQDggGGADCCAYEwWTATBgcqhkjOPQIBBggqhkjOPQMBBwNCAATE
Y+Gue5Ib98bLDUU36XmHingAZFAJLQsFecE752OFwjqqcXZO+tARohgYalBPnAdL
7vLmIkn50TmqPFy/yWhEMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
2xVArV9wtA5svhli1zNZs5sQIAVKyeDQ4ulFM+v1UZXdKxL9WgxFmpcX6yzPPojZ
RwVNowX0LA1FtYu4gFzPO6FsdKOfrk66g346bbCw+j6iTDjpFN6QHhp31BC9hFXM
+UgtRDw29nhbQEou+JdNdYiCCO2n9jWkpEcrPyffkno6YVbPhMoY22GfzsPbySZ3
BBgfk0uwN48dt93DcDIus+9AuVDD+FE/P/1PF/vKL0OOD0e0nzwRLr5lt8TVkfEt
gtIO3bm1IvwDaky4YwPc/zWdhY76AnS9hXZZxGlcdGSOaWIaqIKDh4GYLj/+2bQn
iv0uXxv+mnrHI4wjuOmlVQIDAQAB
-----END PUBLIC KEY-----

which decodes as:

algorithm: AlgorithmIdentifier{id-pk-example-ECandRSA}

subjectPublicKey: CompositePublicKey {
  SubjectPublicKeyInfo {
    algorithm: AlgorithmIdentifier {
      algorithm: ecPublicKey
      parameters: prime256v1
      }
    subjectPublicKey: <ec key octet string>
    },
    SubjectPublicKeyInfo {
    algorithm: AlgorithmIdentifier {
      algorithm: rsaEncryption
      parameters: NULL
      }
    subjectPublicKey: <rsa key octet string>
    }
  }

The corresponding explicit private key is:

-----BEGIN PRIVATE KEY-----
MIIFFwIBADAFBgMqAwQEggUJMIIFBTBBAgEAMBMGByqGSM49AgEGCCqGSM49AwEH
BCcwJQIBAQQgI3SKEJyCDmfwAu2T22RBmqD9YsSbk158yL+R03Tpn24wggS+AgEA
MA0GCSqGSIb3DQEBAQUABIIEqDCCBKQCAQACggEBANsVQK1fcLQObL4ZYtczWbOb
ECAFSsng0OLpRTPr9VGV3SsS/VoMRZqXF+sszz6I2UcFTaMF9CwNRbWLuIBczzuh
bHSjn65OuoN+Om2wsPo+okw46RTekB4ad9QQvYRVzPlILUQ8NvZ4W0BKLviXTXWI
ggjtp/Y1pKRHKz8n35J6OmFWz4TKGNthn87D28kmdwQYH5NLsDePHbfdw3AyLrPv
QLlQw/hRPz/9Txf7yi9Djg9HtJ88ES6+ZbfE1ZHxLYLSDt25tSL8A2pMuGMD3P81
nYWO+gJ0vYV2WcRpXHRkjmliGqiCg4eBmC4//tm0J4r9Ll8b/pp6xyOMI7jppVUC
AwEAAQKCAQAW1Poul1m5ih9PGHoyj0lz7F8b1zFaJLHgVAtARAEHBaVNDeeVcN34
JHL7sWnPzJdITYcvzDkMNj3jk7IgvotiXYpeBYdotQ+/EHKqZ9Wp3skvRGcWI7PF
T2DZmv0FQ6Pe/uSozdW0jgqEgraudaY+74ENySbOA/0qmbgqFs+4Bg+KpRlKTGlJ
Sx3kAsuyT1vTGNHtQRiQSlXb+85HCJ4SE6Y8vO5eH4/HTJq+RrNP+9T6H+sNKgtC
fu/h9WxCA105po4b+Ad6Ya66Is8kmVfllnqaawhoSPP4w2TRokMfamgpsCvgHvT1
1OydiC/ti2QR9LI54wR2EyKzAjVz0WnBAoGBAPqR0eYcKh5Y02+WrFS/nt7tkMBc
MDpZx+vKlywXSXvasjcnyg4+YVo1oKbAgf8hzP5nLt+vYhjFWPIOMJrOLypOePZk
12zvWFRg5yrrS7RNxJWu2hwDgdbs2hYmorm2E2U1prUzfnxxgGikag2hxL3J/XSr
YwFm2kXR9zk9sV/5AoGBAN/Uvhx7Oh5ts1No3gqhqnJwdfEqjM/YbAivXlhFiO3R
mkey11Q8AFC7CUv0K4v7lDXtVGIzzVxRU18WwHMohdhv88ELlQP4OZGoaVPq/q5R
ZjqOJ9SASN/I/E7SgnczpwKEdH9O+mRPlLJoTAekgfsh5dswVxLmbgaZI0EQI789
AoGAIPQKgdPUajdOX0+WjHLDBxiBP/sf0Jy8ITN8nCzX2jUR2RUfiq4DiaSh4yxQ
LGiamB6j2IEtSoqxvuvE0qcpJsw5NlZeypHTsQ0peciGJUlRAEqFnseLTOPLbrxY
DEp41IewzAXgracTty9gTzimMjudXLmphKatMB+D/wAxEqkCgYEA38bA3pawT1Wb
kEtqmjRwxQL8V0UUDIQx1ikF6Lh0IleIqB/7uaJXKl8j90TA+K1nytZgo+FoceB4
urtzYm5kCjQ6/YhHzfUwERjPXO+2+a41x1ryJTiwItO8tE0v1F7WnOSx18ms+fa6
EffF82ob7WhBdncIxsOLwpr9rQGmy30CgYEA9HinpY3RqhmWizJPo0jiarM28sTg
oFqyZ+gyZMmKHuoI/dfimp2CIjRKOxBAb/660cugkBHDOFYc5l/UkqQPyVIkfTZy
n9meuOfnA+l9goumEkGIpI/DIiO4XBxHVyTzg415irjbU0Op/uVdu/GgyqNM9qBd
SnMe/CW4OO1KLz4=
-----END PRIVATE KEY-----

which decodes as:

algorithm: AlgorithmIdentifier{id-pk-example-ECandRSA}

SEQUENCE {
  OneAsymmetricKey {
      version: 0,
      privateKeyAlgorithm: PrivateKeyAlgorithmIdentifier{
        algorithm: ecPublicKey
        parameters: prime256v1
      }
      privateKey: <ec key octet string>
    },
  OneAsymmetricKey {
      version: 0,
      privateKeyAlgorithm: PrivateKeyAlgorithmIdentifier{
        algorithm: rseEncryption
        parameters: NULL
      }
      privateKey: <rsa key octet string>
    }
  }

B.2.2. id-Dilithium3-ECDSA-P256

This example uses the following OID as defined in Open Quantum Safe, which correspond to NIST Round3 candidates:

https://github.com/open-quantum-safe/oqs-provider/blob/main/ALGORITHMS.md

id-dilithium3_aes 1.3.6.1.4.1.2.267.11.6.5

A Dilithium3-ECDSA-P256 public key:

-----BEGIN PUBLIC KEY-----
MIIIKjAMBgpghkgBhvprUAUBA4IIGAAwgggTMIIHtDANBgsrBgEEAQKCCwsGBQOCB6EA2wEINOg
X+0DRUsEixdVXp+ZVcigmaDEEDNCSblD9t5nERtIufPxKONt/IRXok6v5jKWbZWIFB6ZT3EvIpv
crm2Qybxvrp5GwB4FaUe+0IwuMlrt7Nr/57WTqgxeeBMWbHnudqX2QzP2nnlAWip3YQ1hWj288b
Z1qnRzc2C8S+eR56qcAPd+xN8ehs/n1WzNQoBigXXbJsh0zpVZuML+p15GEH7JvEtV+4flx6iPS
CkEahgXLXZFJ2i7gDa+tWfXPO1oa1cb9uhLEkZjEsy9YivBOmmEhwq9pEterizqrqffP1EIco+L
BB3Q5mqhJTh42+i1oRVDrcN0dL6ZIc26NI0ebbBKUuHZLlMPppsF8x3jg88uZjshvwaQy3clEhP
pcwRf48/nbMiSaaWvl0/dXNgrZqYPrvUPGIFr+j+YMLVod2+74tum7AOc/k9/SsUcoQf1BkFYV2
5+ViK1n+CwdvbBS4VPeoTroO6YiPTB6sT+id3YIgI03yQmOQJTsRr63Sq7a+f+IBwVPuo1ZMI/4
MGngXtkquTEV/Ufs0sP6D5KmOs5lhGVe8V61h+N2r9MLuKIlV7CaoBGGTQ1AXj0vliWDltZnVQ9
FRJ4QYQFsyln7DVORfE+luuq1YmutyoC3G/JgnSjtoGOp6NQKrQGWgCV0gNIYa/Khg9cPcIIMRn
82LCVNRhRdI+hPkIHNcLNlJyBQ9A3IHHERtuJDQMoJN6aq5yx1rhbOUdGhWZEZHiX9FaLcURoCh
bUPVdCZrmLuct/5rbnfMfc0bmmHR5cRmENMEIwI/kLljrCoDmcMEGfSBZEEqX2I5+xVAyUfm3j5
baYXlzkTjSX4WXXx70pkCY7QNymW6im+/neA78w3TMV7P+0dqehuA6ohC+2puIkyZ8zOm0vfbte
7vFXlqh2eV38TBVT0umIaw5mvv07+9S0OOzdDrR3iix1MWA4iT00h3wi1y45KHrbb6blZHECBvO
f1crFR03SpjFqiSkjGezxWN84lPMTZKQ/dflmxWhN4yYVJpVadSwJoY9atRVI0QI1cdvO2AfDdP
IwRtrauRrYdEVkAkr5H65nxBkU2clHsIdQDzTB+7npX0KUsokKFIe+Yb/Ofko7Zz1jHBaaPig0u
6Ul1w8oRWzqREQPWeKRd1SEziC21DZ4MXIuzZvpH7/W+LqXzC9DvaJOCHY7fve9cMWDW9AuHvAP
Mtk5/NnekpUKit4acfIFn/YcUa3gN3uUqoC2x2dZ/GrehDM5Ff8I/b5fqxBB42tJbUWIHwxINT+
2iXGn/dpKxV/IRtvo8VRlRgwaKILIn9MjJxaugWzsVvxDuxDPGB9WgnelYOgVL8lt6l8RrSf7cE
vdIDfwm0rzd0xQMGLwlynCtIOY77XRyOl1SR3crHjNx4H+R7nqF6jMGBS59nvlGF/CC7OX84Zxg
TaUXPk8hrR4RB7elhBR9azgadnqDfAbvoHmjv46xRniCVJywrgkeU73FzU1WRLT8jrECDLlnLVv
pXMyMB6L4I5rrhQ6R3Hc095SnMcSWTmFSOwFs2hsrkzEfJhWZXRhCeKWpe0zFhHRz4MUY5Rf0ww
TabYOpRWhMK6CgA2l5tFc7r+SKxK1v3i8mZ3sB2TptIlfSVU+iQT8RLEdJjWC9BBqW76a03u7Yq
iUr6aKsw2z+AN/ZnuLyZ3YvWLHNdCRmtZlASMZfoa5K+FfkXUog4m0IzxHzy2dMOpDXsi489oiX
+8D3L51Le/K9FR4xjLo8TMAjnoS2KMrKfmiseIqIMJfcECcKyM8UJrECkS+GC3Hu9g22bsyoJHE
LwYu7gKbElItj4dlj7RRv7DXYPF/fJiUkcjK8WTQ9geHKrcooe8DMMMNb14Z5G27P6ecZaaHL6F
M1ixnkIF7EMXF4EVlXo4dgSF0Ozc+LF57pYVc9x//5kprQ35Va8Cs1YJTooS2bIuZEzQx9GxXig
LG4yQvbp2q3dQxQKqovdOp/c3yZfFffBQsOPCUKsnmpEJsKhUrNEfzuylZTk5/8gnH4//6wGD4m
kq+2VLi2YNBj/YCBFRKTQLqUkiZKRjeyWakBo6aVS+rJS/gQD08DMISiihNK6Xi0bxoHV0le7Ag
05q3O+QuZEjPjZp1w33nwv+ck3uqPsH8HQbvEQnkxFidEK/9vXQyB2EZkWfTYuNvWPRsBab2f+i
Om0nUh6Kg+xHZZrX7hfN7GMvAx7jfBSYoHSCuRhZuSMYwXYWadBiV4KsCNAOm5PqE4p6DQmYxut
m8/3TzkR7m4fEuF/E5qHZ2vpkWI4MTGx3uYXf3dLHd+JiEorXL+HzR/dPhaHTDL/XwenhrGZSZc
/YNAXka/6OpzN/+oP7zmEjLcs9RKqtRlipmjlusriUfxJ5wxi+xGS+xyrjXeXlqe3EV0JVdVSJx
0iqR94g9PX69zuBP/rPNxdQf3od86mreh0ts5ul83KmUK0xpTOQqLAZUuckeC6pmA27nZOdjoMU
hySgzTu32gAwXyifRQc0wE/EmZWRneLgh45QecDE+glcGY8rn0+P5dMyNhlNwNwbgpc8NSQaL5+
dM9Vq8+WtyBRwSjG/TkjEMY6Ex+hIASoM2D4Hs5MJ0AHNswWTATBgcqhkjOPQIBBggqhkjOPQMB
BwNCAATLQgUt46GGb96T815H65I05ELw9siX91ZlN+vVNW9RLQm519BPfX+1Vk+HAviXMVk0W7X
Srzd4w0i+5dCNM9rX
-----END PUBLIC KEY-----

which decodes as:

algorithm: AlgorithmIdentifier{id-Dilithium3-ECDSA-P256}

subjectPublicKey: CompositePublicKey {
  SubjectPublicKeyInfo {
    algorithm: AlgorithmIdentifier {
      algorithm: id-dilithium3_aes
      }
    subjectPublicKey: <dilithium key octet string>
    },
    SubjectPublicKeyInfo {
    algorithm: AlgorithmIdentifier {
      algorithm: ecPublicKey
      parameters: prime256v1
      }
    subjectPublicKey: <ec key octet string>
    }
  }

The corresponding explicit private key is as follows. Note that the PQ key comes from OpenQuantumSafe-openssl and is in the {privatekey || publickey} concatenated format. This may cause interoperability issues with some clients, and also makes the private keys appear larger than they would be if generated by a non-openssl client.

-----BEGIN PRIVATE KEY-----
MIIXugIBADAMBgpghkgBhvprUAUBBIIXpTCCF6EwghdaAgEAMA0GCysGAQQBAoILCwYFBIIXRAS
CF0DbAQg06Bf7QNFSwSLF1Ven5lVyKCZoMQQM0JJuUP23mWccgkCYK6iOhDmkqybIASjgzCUhVZ
FDOEPKot4rEOPa3J+Wnp1odULvCAUvzIbi9DKIk2xBJVvJI6oS+WBq2JwAE0NgVHZ0BBhUYkYga
CMyNxIxF4QRE4YXN2UjKBhBcAYTBHFyBXYVJ0Eod0CGIzGGCERBFhdXdRERMmeIB1FgM3EQc3Yg
cgU4MlACVldTh0NmRANSUkAEFIVBdzRgEVFHIgFocRZYUxJERUE4gCg4KANkaHESJwgCYFFDUlU
4gHhmAmYDERd2NWc0MIhogBSBUBFkZBhjBTIkVXdVNEWDSDVVUTVGcodzSIaDOEEIMVFQUgVCNy
IQcCBAEWVXYmUFaGICcyInZjMgQIZIUiYmghEwdGeEgShTWEQ0KHAnc4ATAkNjBYVEFWUUSDBmK
BCENTeCh1VXY2RCY2JEJYdDQXMUeCIRAhEFEDNiJxIWQhMjAAAIU0UCVCEBIxUBZRhDUnMkCHQB
gYUjESZ3FydCMVBFZ0YxA3IwFRcxQ0d4UQWGQBAYOGQzdSQyV0EldWV1A3ZmNTYmaCBxIjUoeEi
IQYEoNnMAZANHJBQFZQIxNxiEVQIYCDElGEAHYlUlFFWDVIMDRgZUJzgVAwdnQUgicAFwRUMWYw
VDZkEGRYISMXJRYSaIF2UAADcSSHB2RHAEdzCFF4ghRwdyUlUBAzhGd3BHNnFGAwMHZxR4ZQUyV
YAVUHcoQQMFcGEohGVQBzNVZTQBRiJVdSgmZXF2dTQxFnRkIWBDFFeANEMnEmJDFVVxCGUmVhch
JCRHIDUlESE4iEFIBAZoUhFmcEgHIBA1JlAUiEAhRXIlFUVDIkYXeGI1IxcoJCd3dWB1FHA4VzK
BRgN0JhByc0eFUVQlBRYIRhIoQBdTNnE0YxVYCDZjY1gAeDFlc3GDVgI2FoIYMSOBZQhIgBeCRR
iBVgMDYoZ3dzdDFxFjOEUSREEldTV2MQNEhShTYkNYIFMgNwJyBGIyUVJnVoEzhEEWF1KHFVASe
FUEF3VhdmIwMVABh3dzMDUIBTGIQDFRN3doNhhjdldGgjhUZXgUQRg2IGZVZkBBQABGgEUAhnVi
hTZliFAxFwcnQVUVZ2IQJCGCISYxQncFAnJ1cxN4gDZ1ZlIRVjM4UIRIRTAnIRd3ZCgjdlaIFCY
mBlVQNTQocIKACBhTI0NhY4NVElBgASB4WDVYQziGAhRyR4QDdChhZ2B1ZBFFciUxIQYFJlAgYT
Q3AQhoQAcGByOHNIYGiEI0hlERJxghhkIyYRMHGIFmYoZieDeCBXMhd0IENTQlGFFygQdyBmNIV
CITEQFXBBUCUxNVVigGgoEVgDByhwQVBHcicCJoWEKAM1NWcFJCYyJBRzcjNARHEUYGgoUkVBID
F4MoaEZ0gUODMQeCQwAySCIiJmhgBmBxJVFgJVZyJ4OEB2QQdGdRgSJUB3Z2BBMHECQ0YXCEYgR
RWBAFBWUiAyM4hwIwUkBgFwc0I3QlhGYxECR0QQVUhRIUcjEihgYxiAQyBySBciB2SHQoJRVSdW
cyUAc1N2hRhQMGBVQwJFeAcVNTA1gEggMxSEUGd4Y3FWSFcnRRAFGEUldChUcwWEFnEigVZnZTB
mVCE0CAMkeAFSEWWHUShEBXYmUAgVQkhSZCaCU3BCdFMlZnAWUncwJShThxYyBTgzcYdoVkJgCB
EwV0BmdxAkZwAxMGCBgBZYKDdzElGBEghBUwIzBDgFA4OGBXICVXFWBSd1glEygSVDJVdYBkYjR
mAlgkNUJQFoUXQoaHUmR3CEJ0KDQWRUiChHMXh1ZgATMBJGZGFhIiFEcyABJmZkSFY0UldIdygi
VWMmhUEocRhigzJAZlOCEhAyB3EHZGUEFDU1GIeHYjNgNII2dwN2JYc3NFWIcycDJjdISCOEIhN
BCGElgoUYMECBAIMEcGdGWFWFc2h0eGERM2Byc2Q2UwQXdWImZFKCJhRVaFOZ0+KDXUoj30jDGs
YL4L7KEAuevyOLifPNDnBY/rrg6GB81xNpsdKdjg+osRG0OsBNsmnxkg3nALFodEYQ7Z9Qyx/np
5rreYJ0oy77dXuc4DoHaOxtPuAMOn6aKZqBtUktyInranRPjubOSe6isnInZk7IMom8egOvdCeF
TguF+WaiaFU0WCZIghuUQxYqGJ34QmRLSwLT4f+uHoIV059jAzuG2E4c+2bGyebTCKkzkahMNGh
itzln03fRygDMTJREy2uvzxb/pAZ4Tewp9tVlP90Lf33cyqvwJBlj+yv7HeRneg6g/6GOs/4Snl
4k2Tbk7iZdn7fGnjqf3Sdiz7pNECCHvAF/TPnxCYA41wUD+gNUnaiz8Npk9N02V0FXi7NZKJQs/
lVtIuToWlVHFOx9gswYiCmUS56mqTiLs/KR8c4zF14NnvQiakpl60tKntDkcBUZgoruDJLnLH9n
yft7TQlnRb4NG0hjv7s1uY/EnT3mvgGHIJu3Tb2sqlHLkVLsK19rsMqbF689svN6WCZ38jNsZJc
FPEzcCE+fb91n0mWx+f6Ab7OSm/CPS1WmoMHxi3ad2QT93f3EJqfNjOZiiTDKPre/ybYf8EBi8A
Yv8YA+HJn7zduecMIu0tEVkEnUqTm1Jo7UJPXO//R3TSBgcnX9AwBgRagP6/gArBVh9j9Bjd9OI
fmS1bUY/Bz4Yhoal1X1rpTfSzsw/ZXcEpM/cYRUEPaFNsNcFUjUi4t8e68fp/CciGXkLEl5LC8t
72or4gCSzrzOaPwnSB/HVSflRtQPqD6i9QbR71QhgvtF+KeZD2U4iLaJf1fDUNqXa+IXNy64YUR
cMuQN28uB0ewxUn68UdRMUIjmq1kNoHr4QH6J6IEhC6ejjbNkDPvoRrIuoIsJ1rTPoVPEpzToK2
cNlqWjRHHPtT7qH08xIgP0Hsa+8qa79vBkmqIUcRFtNdhGfv06pFwvJa0B9dTSxfXIO8iO3LpCw
Daj8W44gwx6m5MXaMLXnjcwH4i7vf8k47RpifCr8T2V8D9iCKNdFfd6FdHEZfkCjbe7/aVU8jST
2AUrGYCpgC5MBkSV9IoxT05KTC0ut82Ni0BRDi+LsdI3syNoARoE0BqQTuF5XEFJVe6MXzmZ2ig
XfQK8aW6zZnHwW9TtlF23YR9ozDN0fFkwsoMd8qeFsgzUOo1TYi8w1P4FnmLp0NdoRDf/gX+jBg
Fs0CWSYZAYubIR5cgDPN0mwlQJDW46sr2ATRabjJ0A/N9ZhxdWEV1Qfb91z3JixpUGjQ1cPhBWb
ZnJKCMarCmx9rNjoGo/WJ1iOilahBihCH83k+hUWFwNNrTZSm+TnzlObpu9WgE5g0e/QzQrsIO9
o3s25BQqJAGiRKBLd0UXz5AUbSB9fFaO21aiX2WWISjdA1R4SuQNNQZcVgGuKpQBAcPV7xcFRlZ
eyCOw3/AA+WInx8mHjtDcOIowbEG1HQzV4CTsAelNp7I8CtXsXL539wiUpO8A2Fbh2wqTbe1W/K
DSM7VPezIBE9gFPIDGJul1YyyzGON0ukKAHWmAiUuoBtlrryFFEO1Cnh01aoP41vMWMiqM9Xi6T
/oeAYdAyY21G3oyKV4JXrNufFNyhivCRGaptCKDJ15odOe4ZXJ6BIaU3UBz+cm85OOAwHq1FoFB
XwEuLU95G65QHzukC42ajwAhVLjcRudqNZ0Nb4vi63NiP+ZVrS52vZJGSPa6B7Vss+PYsZKp+OC
j54Y5Z1eU+Q35lnLLSKMOkLTkCP3oFxX8mW5hnZO3ysCkytBC3CRe+7dxTMP0XWDT5LraSphlAB
7ocMAKh8mSPYhqAAaAgekjmvPDMbIezv5slR4M1/br5cc4z/01UwKV2qkT8DQxM9vkHO5XLomMD
DRJXW1hUnpjhOrOzMsiTJ6aQ/+z4dBjJxR9a9mYfkju/SEk3V8TX7VmKQk7WpKTt6b2xGiQcBhM
5BZBouYeNZ1D9Bgv6CyME0GIjf9nIXyq3mNs4ALGgheo+RIcPXrkhVZgdZexEtl0N6s0ynZgbBe
o/baP1pV730vAqIgbwSerx6773sqSorU+L1HL1XQrm4EjgzirKn9/IMm+gz9zYRZy1RdnnKvMwo
+mV85fOOlUJZZhdyOKEXp+OJnez70Y7iHnmuqvDlX8aQXzPm+ehXohw4yiLVhcENTQyGRjR0pFY
3SkW0OyuVMysYMo6LBAejaoKdCbcI6VmRZOPRWXbhch2Pv29SErLsbJrSSE0JAdRIZZKW6IqkKM
oGQ9oB72br5mSFeg5tYMdDSgqyOVqJmFNB6PzEvKbke8AwAiaZSX7tteP8LVxkIJPHIaBAVVWij
olG2Oe/eDXbyz0ZwbomnHe7wzyGc3W3LmpbnP5wF2QnIRRrLnBQgwvMpV/JuGkdcWc4awiSwEZl
cvAhQKCUWvLYgGLNaa8fh61OVOGCKymMt00w7/RGufPKaunCzlei9JF0IKCZBS0LzOeVMhP9lnb
jjopJSP6Mg1RPCTHD1caQ6NT6HVrv08SmHCRG+G0szAEpC72sXjeYkra+1bwj6RCw49uzd4gZ6g
Ruv9/iN5tx0CW6em7bH1K30UFMDEB/zTsEBSj7QkdZ7TLItDIUY/ztMu+La7zHfCFIz7OpN7kYw
xLDax+pAC4mBunet/zOyaIc1XJozwTz+HmwAorOlEqPklXNJ+78VKtDih92px9K0ALX70/akq+b
kLoxqf2NfLEd3YOJhUZE3jt3KYTpqohzJWAG9e+2FNXMqSrTOY8YZq4HThTxyWjvNUX6iQYc6OA
N17XenbHp1Cfdk4Bc8mTheUocqUOtrRFWsO+XhPJXSv6XXwPgbyD0Jr4xMQ7ni/vfEZuR6qbb0s
+Hi54aEsF+2Y4WfafOFQvRNcemC8J2rMJenGbCzfysU1wiz86qizoGocbd3OS9GqPy29dupfFKX
t0dWnFmm7SHoqjtpbyjr31Q9zSt271gxepriull6rVegURHtZtINi6LHL6yYCd3PQcFdm7tUpt/
D3bAjrvOIf23rdQpahyIAE+xrtamDF/0qjirz8XBMkNxKgXbA5hgyhBmvDU/YjGxIhyOZj7tQgg
XnyDiUwdxO/i0onKxh56aI9sPUptY8AGOArV/1DZ5gJqjcF9BMs1CTZTGQiReyL/stfgkDcUvbb
a3+K8beH93CNe2fYYOPIVc02fY9kD85HW1ljtsm6caRAHZl0IxXWpeGbmutqhuWyWe6uVpP21rt
LPkJFRnpUFcVkJbJs6nUspUdLE4sltzEjykqjPoBKct7rGRSCK6A7jBTrqArh7yYPMcm34bMyX1
GjvT9pzm8sws2wEINOgX+0DRUsEixdVXp+ZVcigmaDEEDNCSblD9t5nERtIufPxKONt/IRXok6v
5jKWbZWIFB6ZT3EvIpvcrm2Qybxvrp5GwB4FaUe+0IwuMlrt7Nr/57WTqgxeeBMWbHnudqX2QzP
2nnlAWip3YQ1hWj288bZ1qnRzc2C8S+eR56qcAPd+xN8ehs/n1WzNQoBigXXbJsh0zpVZuML+p1
5GEH7JvEtV+4flx6iPSCkEahgXLXZFJ2i7gDa+tWfXPO1oa1cb9uhLEkZjEsy9YivBOmmEhwq9p
EterizqrqffP1EIco+LBB3Q5mqhJTh42+i1oRVDrcN0dL6ZIc26NI0ebbBKUuHZLlMPppsF8x3j
g88uZjshvwaQy3clEhPpcwRf48/nbMiSaaWvl0/dXNgrZqYPrvUPGIFr+j+YMLVod2+74tum7AO
c/k9/SsUcoQf1BkFYV25+ViK1n+CwdvbBS4VPeoTroO6YiPTB6sT+id3YIgI03yQmOQJTsRr63S
q7a+f+IBwVPuo1ZMI/4MGngXtkquTEV/Ufs0sP6D5KmOs5lhGVe8V61h+N2r9MLuKIlV7CaoBGG
TQ1AXj0vliWDltZnVQ9FRJ4QYQFsyln7DVORfE+luuq1YmutyoC3G/JgnSjtoGOp6NQKrQGWgCV
0gNIYa/Khg9cPcIIMRn82LCVNRhRdI+hPkIHNcLNlJyBQ9A3IHHERtuJDQMoJN6aq5yx1rhbOUd
GhWZEZHiX9FaLcURoChbUPVdCZrmLuct/5rbnfMfc0bmmHR5cRmENMEIwI/kLljrCoDmcMEGfSB
ZEEqX2I5+xVAyUfm3j5baYXlzkTjSX4WXXx70pkCY7QNymW6im+/neA78w3TMV7P+0dqehuA6oh
C+2puIkyZ8zOm0vfbte7vFXlqh2eV38TBVT0umIaw5mvv07+9S0OOzdDrR3iix1MWA4iT00h3wi
1y45KHrbb6blZHECBvOf1crFR03SpjFqiSkjGezxWN84lPMTZKQ/dflmxWhN4yYVJpVadSwJoY9
atRVI0QI1cdvO2AfDdPIwRtrauRrYdEVkAkr5H65nxBkU2clHsIdQDzTB+7npX0KUsokKFIe+Yb
/Ofko7Zz1jHBaaPig0u6Ul1w8oRWzqREQPWeKRd1SEziC21DZ4MXIuzZvpH7/W+LqXzC9DvaJOC
HY7fve9cMWDW9AuHvAPMtk5/NnekpUKit4acfIFn/YcUa3gN3uUqoC2x2dZ/GrehDM5Ff8I/b5f
qxBB42tJbUWIHwxINT+2iXGn/dpKxV/IRtvo8VRlRgwaKILIn9MjJxaugWzsVvxDuxDPGB9Wgne
lYOgVL8lt6l8RrSf7cEvdIDfwm0rzd0xQMGLwlynCtIOY77XRyOl1SR3crHjNx4H+R7nqF6jMGB
S59nvlGF/CC7OX84ZxgTaUXPk8hrR4RB7elhBR9azgadnqDfAbvoHmjv46xRniCVJywrgkeU73F
zU1WRLT8jrECDLlnLVvpXMyMB6L4I5rrhQ6R3Hc095SnMcSWTmFSOwFs2hsrkzEfJhWZXRhCeKW
pe0zFhHRz4MUY5Rf0wwTabYOpRWhMK6CgA2l5tFc7r+SKxK1v3i8mZ3sB2TptIlfSVU+iQT8RLE
dJjWC9BBqW76a03u7YqiUr6aKsw2z+AN/ZnuLyZ3YvWLHNdCRmtZlASMZfoa5K+FfkXUog4m0Iz
xHzy2dMOpDXsi489oiX+8D3L51Le/K9FR4xjLo8TMAjnoS2KMrKfmiseIqIMJfcECcKyM8UJrEC
kS+GC3Hu9g22bsyoJHELwYu7gKbElItj4dlj7RRv7DXYPF/fJiUkcjK8WTQ9geHKrcooe8DMMMN
b14Z5G27P6ecZaaHL6FM1ixnkIF7EMXF4EVlXo4dgSF0Ozc+LF57pYVc9x//5kprQ35Va8Cs1YJ
TooS2bIuZEzQx9GxXigLG4yQvbp2q3dQxQKqovdOp/c3yZfFffBQsOPCUKsnmpEJsKhUrNEfzuy
lZTk5/8gnH4//6wGD4mkq+2VLi2YNBj/YCBFRKTQLqUkiZKRjeyWakBo6aVS+rJS/gQD08DMISi
ihNK6Xi0bxoHV0le7Ag05q3O+QuZEjPjZp1w33nwv+ck3uqPsH8HQbvEQnkxFidEK/9vXQyB2EZ
kWfTYuNvWPRsBab2f+iOm0nUh6Kg+xHZZrX7hfN7GMvAx7jfBSYoHSCuRhZuSMYwXYWadBiV4Ks
CNAOm5PqE4p6DQmYxutm8/3TzkR7m4fEuF/E5qHZ2vpkWI4MTGx3uYXf3dLHd+JiEorXL+HzR/d
PhaHTDL/XwenhrGZSZc/YNAXka/6OpzN/+oP7zmEjLcs9RKqtRlipmjlusriUfxJ5wxi+xGS+xy
rjXeXlqe3EV0JVdVSJx0iqR94g9PX69zuBP/rPNxdQf3od86mreh0ts5ul83KmUK0xpTOQqLAZU
uckeC6pmA27nZOdjoMUhySgzTu32gAwXyifRQc0wE/EmZWRneLgh45QecDE+glcGY8rn0+P5dMy
NhlNwNwbgpc8NSQaL5+dM9Vq8+WtyBRwSjG/TkjEMY6Ex+hIASoM2D4Hs5MJ0AHNswQQIBADATB
gcqhkjOPQIBBggqhkjOPQMBBwQnMCUCAQEEIBqglVGEbVW2JdupT30vKPECOx29/9JjP8kbw9GW
9wve
-----END PRIVATE KEY-----

B.2.3. id-Dilithium3-RSA

This example uses the following OID as defined in Open Quantum Safe, which correspond to NIST Round3 candidates:

https://github.com/open-quantum-safe/oqs-provider/blob/main/ALGORITHMS.md

id-dilithium3_aes 1.3.6.1.4.1.2.267.11.6.5

A Dilithium3-RSA public key:

-----BEGIN PUBLIC KEY-----
MIII9TAMBgpghkgBhvprUAUCA4II4wAwggjeMIIHtDANBgsrBgEEAQKCCwsGBQOCB6EAD7KvTpq
fJ66NzesNkOiHBXWcF5FYs9mBugtOHAUrl86Ns8l24jV6Ut+TjYd8TUbUClNoWhGe/v2W/gZ34N
QGlUahMxLY68nqH2BXO5bjMHbE4pGGGuNejGJnJoe+1/kd9+Mym6LE2YpAZCKRtgka9wXR3i/MO
C+qp9OHi2tt9cpur11mk6NPWjdVMqXxOBYgeWESR5k8fYS6ttRNPEC2JQ5ZtNMV1srdov+mjWRi
TmGIXWUwXWEI/5LQAthtaSywFPHj96+kLlm79lbYeaVfSN/URojQZLAq2gx0DFK8m5ZA9GaRQZS
L3eavfzw2Kd6pOdFNemTquM/i7uGFc4/Tt2JOGjatLz4u9UvvO3pLUxU2bohd1vR/FwmB/9bgwL
mmtdtrP5s2N+/oZP/kBYETHNX60oaldO07yxog3V6XbRybCLmGi8wDrSwNeIMrQEurKA6vBl+6O
epfMaLjGZKMGqAZAPy+Wz51uW7diJOHx8AfXoFcj0ClUHaGopxgiS93rQXnDcTGn7JSIqt/tW+T
Or2v3BuepZThd+guP/bkDBqHbrBhHtVsjPp6YMD2Zis8gT4c+9DQYKwRewb829g9ZmY3cxhNj6h
KwVypB+/RUSOho/DWm32a76xQOfDODh65noPoPqtMBOaoRyAm2qbFPztPhP946SAy6SWD37dZ+t
8k26vJ+l2vzMqFR+pOymYFFgwP3K0OFaKf+K2Xh5luhRVg+Ev7BI2ejBOFh6TtjX4ljTPw5mNQ4
1wnMD56tcGFBxMDdnEJl3ekCPPwcDBLZvacRIJjOUsEPvybcY04FVADSXM/jSkZpW9BLNR5brET
1FTXIT7PMN6ueIhAdKDDHgYNN8up7ZE7ffZBByIXnXVil+Xt6CAXOV3YYRtegHBT3bl6SZsHxfE
9atK6UX0PzT6LqVnUjZNAJfWnE7GSiwZL+E/32JXMkT68N1obDffi7Nyv1NqAmGqF31wWwH69+E
YV5JE/mHUxfInpG9UeNvGnLVgus6/O7X1b3H4/BglqQ9BhAz5l3rStt1tolpOpI+HErKKc5CXfo
/vT958tgObTjY2LHSY3BdAYo85zLnwAE+Hw/ZA37NlnOl6YXhEjNI7SuAw7hcPqO9LPgoofk7oA
DU+iGR28qpmfYDT8lg0/FKRqsufHvqRon1H8zlFF09Xpi0u87JnVSG7e1oqNBjrfLR3/5iR4qP0
avcFaFAUpM+CGVX8lCL3UYEDa1wK29YxnkU/9JY5NIERb/FZagWO5yXv5gJ9+E9wWY44moU3vJY
3P3Ov5x2+1bkhiAdmSUCUo/wU5eK7kntlpU/6c/lCN+VPlhht4neI+NQkmVZvbbgEk4KD9qA+Fe
tizPH4tdbAJCwRR9UMuNPdgwnObVmKCgwGZmZr4ZSDpDmdR7XdPOaJw6hiXxvr6xAVuvVNrHfcV
LsiqdKop4jG7/DHOZOG30/LvyOutt9GktBDCnIPAE+7/JHK7Gn4FGbOt3VZxW5L5WWiRxzePYX4
urjt68U/sQYxJRMqopRPhpGnguFAw6Ye6wpyvSg6nkZjeADyNSYn+W66VR8IZafpnfGxFtnZRPg
GiE3UAxL7YvP7AeG2APYepCtTnNybFPHQPkHSRtn4NK5BenrRfGBT/+M4WdyYQ++4Kn5b8KoDr2
HeU2SqNOru0VvEGa10emd6YOe2c7NgJGNcp0OeCzYsNZxLoZJru3CMZ3+w5uyf2TEaCEKwCM0+F
NYMTS7o+KFO7N1AdEG9Fz4HeIs4VeqOKFRf4+brBo8xK8AV/dT3aXxORz6TRR/wTNwKDuctwJQv
03Tq4X+db+V6z/4nuyzSU/G3e7J0JtcuMgkP6txV2GVZPFMajwZckg0uFZcu5HTkXJsa8x/JWRC
cLxtzYin5GqRaOHYgksJ93ab2vTW4lvEUlxt841mgICndnUa1NSyC9rw04mnaBSHBTFLjyKG1FO
gYoeRkE9Lj/VCmmr1v5P9/AK2Ui5lGkV4ugsBOx6dqK9TuZ5uSaAa3fvgIVHofBKckafpHBMpcd
AWFUNnv3RcSIrCx6IOduGDJr8b3JuQIxCLg1u4HaJuSCqsINhch8B/4NTz72YuTzDfh3cGHfvmF
rcxYgp4FTq1lc76nC7q6fbxMaRZVfjqcbFCTUbBVtg6mUapmDh/Ao1VzXUMml1JdBRqJhBfNcKx
kj8oJ0+U1wjcqPcTTCvHljuMmNtLET0AVdgxSqUA1q/qg3dazHJ5YBDKt34a5cmHQeXj8pXNalH
hOpSSb2uHlau3cfxPTRPqhfKnkDPKFPNaqTNCF1Pmh/xDzbCVNaKkPK+rLQW7p5VpA2cGCNBj38
eaKwVEccH+NUmTVyxe+jH6QZdQa8GuawW1JYo6VSJGJycqmyVWcvH7m9ZYQI7VObfvCb4D861QW
IvkeytKM31BkHsxEEraJuI50AYxIs+1ZX/bz37IRBLq9AivLPCFZ20crOPT+IS2v4Dn0YIfDztx
UH0lDfZ5b3e9QBsFVORp3o6Hw2WewktGlPHCfDrYsm/t0Dv368Hbq8HJCDdnw9syZCjD3mBTnYh
2HQiHSbViOvOUnD3saFHZeONsuNM+9KXi/d1k1o3Y65Ud0wggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQC+G9YX1BboIItyZdjEnPeoJXh5J3UQak+lkO+KirllYeNQML7ent3l9KOp0tM
/IfxSDmVWtyYAUoxM3TGnDoJgCCn5jUQIdQkPXTxa7xeL11W4d0fqyaAOyMOXA2QZShE61dBEz9
ly+bnIN1MrcwLe0q/TPuKS1EBp8LS/lQzW/PrHTnDHwoGinBZq58B/ErgmPh27QlkhamdXG4KxD
dN2ayilmvdG06dMwrGKs2Tag5HKbUSMPA3BlKvvqrJhMb3w86xPf2MnvWzVWmi0tpE2zcCgXkX+
4VtiikBW1QoFuFjiBWNJKWMXe2UKXYbdYFBPzaJiGCdiYXXJu1N16pSxAgMBAAE=
-----END PUBLIC KEY-----

which decodes as:

algorithm: AlgorithmIdentifier{id-Dilithium3-RSA}

subjectPublicKey: CompositePublicKey {
  SubjectPublicKeyInfo {
    algorithm: AlgorithmIdentifier {
      algorithm: id-dilithium3_aes
      }
    subjectPublicKey: <dilithium key octet string>
    },
    SubjectPublicKeyInfo {
    algorithm: AlgorithmIdentifier {
      algorithm: rsaEncryption
      parameters: NULL
      }
    subjectPublicKey: <RSA key octet string>
    }
  }

The corresponding explicit private key is as follows. Note that the PQ key comes from OpenQuantumSafe-openssl and is in the {privatekey || publickey} concatenated format. This may cause interoperability issues with some clients, and also makes the private keys appear larger than they would be if generated by a non-openssl client.

-----BEGIN PRIVATE KEY-----
MIIcOAIBADAMBgpghkgBhvprUAUCBIIcIzCCHB8wghdaAgEAMA0GCysGAQQBAoILCwYFBIIXRAS
CF0APsq9Omp8nro3N6w2Q6IcFdZwXkViz2YG6C04cBSuXzreoI2nq7/EVjqV0dVYtWemAk+TYAV
dZpvQmMPkjQTbD3f4xBwlnQQGwyIaqV3uLMaSixrNDRQfjmbMzkJveKu+GIDMDNRhhYYFBQARSd
BYWIXeEh1cRJjI3MkQhQTUmgHNzFTYUVgdXMVc3MHCERRREdWBXhCcwUBBCQGR4cRBghAVXdIZw
NhJFOEYHVVVzNDQ1NYBYcBhoeBdWNCB2FxMkIGEhBiFzUCURA0FAUDMUczFmhhc2MgBQMnhHA4Q
hRyEjRAcEByZ1FDAwWFFhdVcoZXI0R4N0UiRmdDd1NAFkYSJIRHgwgjJ1hwJ0N2NXFTZ0EjIVED
Y4ghSFcAFngxMAIiBQJ2chBmhXgnYDQkiGZTQwZAGDc2YxY1hUUEMBR3MViAVjJHhQdmFgdERzU
icYRGaHOBVDAFNFh4JWFXEWUHhidHU3h1aEMkBoJCEnSGSDETR2QYBBQWUYdCOCMwCGKIZkYSYX
gnGGMRaAQWInAnVYiBSHEHYQCIUGcEMGRFMzhyEQBgMTAoYVBlhYgDRVhSJkUSgohxGCMSZGczI
FVBJEhwMocFIGNUY2IicDYnR4BiYUB1KDREMlRYNnczNyQQFWZCQVEwBHYASDAFYRdVYjNDNXAI
ICcEgUY4Y3A4A0FEZGZiUjFTUzAkQEUTg4JFNVRBU4RjdYcAZ1BCgTNGZAYDIydwJnSBVlZxCFI
HM2VUZwJGBDNlWFFYZ3gGZEUhBIcGEnOGNgdQEmFgM2AjhDWIUGdVYmMRBzYCZjhoMEiAI0cCAI
NkYwVjRwcgRyR2E0BXEiEEVRcih1KAU1dScTYmg1hXdUBQFocFBUCFCHZyQhVQYIBghAQRSHEhB
CiCVVhoFEAEV3UnUCIzaHc2Z3QYMBIkQEAzJnMxd0EkCCWFM0VHAYgWBYMGCHQCRjVoGGdTCCiA
aAiGdDdgcCFVdYiBQSUSZwNxBoYRaDIwJEAHBYSAiGRUUxYEUiZoYABCQGMkAHMjFBJlBFQBMRh
RAERCYHICOGYAFUUSB3hRgzKAFiNFJGGAdFGEhlVgImchV1cIcUZChTYHg4hXEkFoQDgRhgUAUX
MSMwgEMyYYAAAgVHN3FxBDgHQkCCNHNwZzVFWBMyQQg1AjYVN2FhY0hGMjdlU1VFMnZEN3MCQUB
FhzBIEwABN4gXJmRhRDdQgkVHUlFHKAJBQFBGIGVmICcWhAcRYYVRVECGRXQFYjUiMYOEgwdVEH
MEdERGZIdSADhIJQdDNHcVVxiHNjUVQwUUAXKHFxWDOIVzQQBQN2iFQUECQEgGGGh2dRKARQaCY
3JCZihyAnRSElQoIXghZmdgV2U1EoUQdGKFZFZBcHJAVSh4UHBYJyNBR4AHJXMnAIhABmM2FHRH
RhUjRHgSEygXQkAXUHaDA4JCNYYlUVF1GHNAiFQDQyQINCNzISI1cichgTYVJTdEAISCExFhEYU
TJ4B4EDI0EVZhJTREEBQFhGGHcmhiSCMoVEEUYkgAcHQQRhBCF1N3AYaFQoJjQBCFRSQQRggnNk
E2EnNQUnMgVghRSHgjAoAyMEQoElVWdXdXRiEEAhI1UyMlRBJHeDAxhyIyRWNBMTFWaGdwUUhmA
zQzM1QIBmRoNVR1R0EjBFZzUxURKIIFAUgRWCFkBjVENxElIEZ2EWAASIERYjCBV3ZYR2RYJyJi
h1BCFzYQiCRmNCJ1EHR1VnhYVBZgQ2ZyASSDZlY0BTiFdodmgXEjAFQFFjNnUAUVYhQTOBgCaCQ
XUiJjJDUUZmYCFSAgVigVcIg4IGcoI3RWEnB3GCIDJYSGKAZiMyUXBXh2h0IHAiZwQSU1UlZzcS
YmBYFgJIEnUkV4BzNXN3cGQxEVc1coVgUkVSBGiHIHdCQgcxBoJmhxM1ZAIgMlFQd2MCgxQmURF
gYXIGOBNyQWRnZlKIE0NjGDIYVxFSGGAmSENSdYKCE1gTclUXU4MDAAhzNoSV/oB1DjWBLZ5P8l
QVd2ppLs7YI7BBTrICpkXQcPWX0jFXuibD+6+YL56TvIdb5Cn4kBeWVtJTIIuRyJVK7NbzKPg+e
Njo49ytpj+GP8QwnfLuDlYY0v012JLonxvrYc1izUZbau5t1XU4u/FgOvXpP/HuQKxwBefhuZAm
xZedCArFTiDa7pPKjK5TJPCuCWvpz0hOjqu01KwvD0EUUIUq7SmvWyt593X5XwPx8VSYaFqLkm0
cHNmFvGYAGT2MyBlkmsrZPjbxzeqF+Riias6fR/DT0CGHK/aB5BsKFgup9kEOnVEhDRlRHqp6CR
WndVHV3PBvUBmyAJCOCshWzu/Irx+HzEU5raRqzs/5wwTZcZzahPx9Uo/4FeKWkw/UcjI+uxyIT
0tj0mZ5lLttGwfC2JuH+G2DHUcorccCwFnaoHJ7x9jf/cnKcOMFji4UE5CHVKnAEgwWU9neDJ62
V4JAY6nTKH6nZ953w2u4GMI/pvA8RYaylEhoHmHTSvH7xbFlAH0FkI6f3DuGD2UVMkk6+EGuC/g
xp0gws1X8ZsKSECm+0/yWwtRmbyVNW0js/8thly5eet8ZaV4AG6MysyeW5Fp3CvS0AKBfzfO3mN
YZAxzEi1OjtNtuYiLmXrvFm6xEewIQLBix7M907KuOY8wuRNIArJKzrGMybqjnbk2woBNFJV7Uy
gZel8xMX0dWvcAbBm0K1wxv/n17nFZ/rP2BqGJyA6nGu7m+vREiUdahK9YU4xAWGwjb0oeHCE5E
kWi6RPEGhVgWmlcVkUGBvWHQYdiSTu5plMAPBeWVZneGwbVZ3B0ksLXfGIc5lTcReSGyeCVK/6W
mE/GtH92lz0fC9GQWgdyTK4H23xP5PlRGlzVLJ5CVA/rucNg6F7AU5bycpC557ugsdO+UOLhc92
XTl5RKvO4uxrqZw4OOzKXR+aZFaY7AvpPSIXYQRxk4dHAW5ra8MpI0b8aAJGf4fE4ad2w6rgpRf
K7NUIUOfpBhX9QxcprPyXsp7AfQsoCBs2ipf7QoJNu6GkFCFijTFxBAt2rK58QoeuxYVjQidrRg
c1AtYhBFyY9OronGTsaEtpL8goTptIX10f5YYmjmTd4FgB0Iwiww1Re7/G1eiRARzp4M1u1VjgA
xp+1pRZn8mpx0PIDMSfRieoicAcXhjMgCCwhxf79RWlxUMpKU3xFNVN8kcS1XXy1OUt6myApnjN
2SzUEJT0l/zT9ni/JhDhAb9vd09ab9DWGifhIyOkoq2Cg5AlTQXAwI3kDp31gg0cDP1O1j0D69w
pzmFlo1UT8MauxEH4h1AHWvyM9Eiul90Mkp6ofd1gcFC3J4fSX4y8Ut4n4vyr00k1UVKthLIlg1
h+lDi6KZBl6v2U4GwLyU5bx8O5j/iUyims+sxjlsKap4YWLK1Z1EMnZUwLyKgeUBljTRokTEVSu
1oMahgoV5W5FjNV//mTsLWQvQWKelX5qpCvzTXIOS9T5Ucxex0/7lFn1/k/I1Qkr4FQgtDze1Gw
rppntEHXj6qcpypsQwPZ1aGwBNvbAlwbX7nt2Vz/twx7kVInyvB8gROkG5I+SAPiTLCsritC/Js
oyeyEXvXPm3SbU9bgCrqxZ0uDue0BrfdZVagEpL0Lbr+TSrVVNLv/DBfQsYD+DmMF1ZP5BkTqXI
l9eHmEReQCIiA4kx4GSjtDpcQNil2m62jlM5yVqa5mpDKo7VvOMAM/FZehEWqtEDDwP4KC9AHFq
kVhpt3/4ZoT5HX1nxaBlfm2Ts9i0VA7SJxY0HRRI72mcFbxlm2bvw+ntiX0La+UUblSZlafu4F0
xDYAC9f9oAssAkaMgbdgi+GNQh4msBMI2SEDdC9iOTrvbx1oFlySi3StSKND4iAxs6c4IxY/F53
THVCPd06SFyrqYW8A+Ex/tGfeKX8rfZVnkMaNScMpxytXd16nlvDxWGT9RvNuDLY5CzQwz+ng2N
OirCkx655apuXisz6ELRFvxb6MI0FkdlO87MuYQ7Q9uGxZE1QcRAvIoqTzl+E4IoALr0sf690M2
V4m3RMvALIPsCJVrXou7SUUKEwhozYXyVe83OQZpqeQsB57AiCA+YXAv20Fgp5xJQerU90xuHXM
8p0zhIizEDiRWGt68IDeqPjcvU+0DWxEyHqUvBZe2vmNCpV4CFodMleMZ3LzP9pBUM4kB5Co1ny
Wzz9EKgPAZD8gYUZn2bSxvX8zsBEkW0D1RAZMsEex8c2Hb4jJiiEqwhyLzysagU8nFdNZ+W5kgv
Dlk7k3E9OSh7PuBKCRZXd7cVym0NHTEMHjOaiPHsgUWB3oC+D9e088DUEYe4cu1Q36Bg11Vg0EG
YRwBgnt2OkWzNKRFSN2mPp4fUY/3bPWVqOGQZcclhzVSNamMcpGWTjtWfb6utfAktCR+fhY9say
X0jsn0D29PfLndlw3syxoi9gAwy3gFCvlfTbY+n7AbmEO+R7CKOXywqcH1vIUfHtWUaPqBk0/6N
rfviLXewdS9xu401eIGaTZlWIePIwE1pK0nedALw1ABGnUfFm7kz6UDRA59X1BXb5oAXzzDYRZX
IWPV84n0XVFaFW94glkwO1UtUtTioUUTaSAXvh6YR0kxMhByHkDHpQ+B7dN25hAc3rYA5NulK3W
bIyNimLOxyCx3v+ooRtUzmseT8rvS1dBdHEvt5AbENG8oFWhyquwN2ftEDGRqJs927RxvWBOp0i
kkak7vyiawuFqU9iMUyQ6Pcp+tOvJ+m493C5H3s8L49gfiBiqr1hYZuFqO9u87wTuVt0eGF0grm
EfOKKdiWj/+cvEID4XRE5ay66/F4rHneLn6Ucc82Z1Ga1BInqVUdD4O+4mGt8z9FE7p2JkFcdo6
uKFxvFtsVq4kyYg7S/t2km7HkIU4Byqa6EGJPHbxdOX/0gADEvovhNHy1WlZEpinPEKTP+jiAvl
T5IeA95LI0GP2sv3a9ZX4JUKFq+pAB5t7EwcGj9/htQ1MOKItwAGgYJvTVKmiCgO48UxqinqH+j
qyDKcXNC9cqw4SVVOa9ulu7O0EgARObu0mxA1PMvJZ8VPaARQl/vVejgnLUUqoqD0zaZprt8wQY
uUbkSO1Yr3PUz5YI6ldIuutuplG842+FfW6oFU/cfsD2Rp0Yxq8O/gzOKMR7KFhhi7sLKs4xSwo
RwI1Rw2cUtXQz/5SH936SDtdgoFTmeugaa/H+O2hIbUJGQ2IS7NT3NG72HhNXe0qCq6v7ZRMN8M
SaDL62c5RwhpxVJrqGpr1u+cYupZ+YAZfgaNH/ePo8BZRDgurCtSS0QH82/2UUfahWsPVEiUZXX
khmVheFRhKqGD7KvTpqfJ66NzesNkOiHBXWcF5FYs9mBugtOHAUrl86Ns8l24jV6Ut+TjYd8TUb
UClNoWhGe/v2W/gZ34NQGlUahMxLY68nqH2BXO5bjMHbE4pGGGuNejGJnJoe+1/kd9+Mym6LE2Y
pAZCKRtgka9wXR3i/MOC+qp9OHi2tt9cpur11mk6NPWjdVMqXxOBYgeWESR5k8fYS6ttRNPEC2J
Q5ZtNMV1srdov+mjWRiTmGIXWUwXWEI/5LQAthtaSywFPHj96+kLlm79lbYeaVfSN/URojQZLAq
2gx0DFK8m5ZA9GaRQZSL3eavfzw2Kd6pOdFNemTquM/i7uGFc4/Tt2JOGjatLz4u9UvvO3pLUxU
2bohd1vR/FwmB/9bgwLmmtdtrP5s2N+/oZP/kBYETHNX60oaldO07yxog3V6XbRybCLmGi8wDrS
wNeIMrQEurKA6vBl+6OepfMaLjGZKMGqAZAPy+Wz51uW7diJOHx8AfXoFcj0ClUHaGopxgiS93r
QXnDcTGn7JSIqt/tW+TOr2v3BuepZThd+guP/bkDBqHbrBhHtVsjPp6YMD2Zis8gT4c+9DQYKwR
ewb829g9ZmY3cxhNj6hKwVypB+/RUSOho/DWm32a76xQOfDODh65noPoPqtMBOaoRyAm2qbFPzt
PhP946SAy6SWD37dZ+t8k26vJ+l2vzMqFR+pOymYFFgwP3K0OFaKf+K2Xh5luhRVg+Ev7BI2ejB
OFh6TtjX4ljTPw5mNQ41wnMD56tcGFBxMDdnEJl3ekCPPwcDBLZvacRIJjOUsEPvybcY04FVADS
XM/jSkZpW9BLNR5brET1FTXIT7PMN6ueIhAdKDDHgYNN8up7ZE7ffZBByIXnXVil+Xt6CAXOV3Y
YRtegHBT3bl6SZsHxfE9atK6UX0PzT6LqVnUjZNAJfWnE7GSiwZL+E/32JXMkT68N1obDffi7Ny
v1NqAmGqF31wWwH69+EYV5JE/mHUxfInpG9UeNvGnLVgus6/O7X1b3H4/BglqQ9BhAz5l3rStt1
tolpOpI+HErKKc5CXfo/vT958tgObTjY2LHSY3BdAYo85zLnwAE+Hw/ZA37NlnOl6YXhEjNI7Su
Aw7hcPqO9LPgoofk7oADU+iGR28qpmfYDT8lg0/FKRqsufHvqRon1H8zlFF09Xpi0u87JnVSG7e
1oqNBjrfLR3/5iR4qP0avcFaFAUpM+CGVX8lCL3UYEDa1wK29YxnkU/9JY5NIERb/FZagWO5yXv
5gJ9+E9wWY44moU3vJY3P3Ov5x2+1bkhiAdmSUCUo/wU5eK7kntlpU/6c/lCN+VPlhht4neI+NQ
kmVZvbbgEk4KD9qA+FetizPH4tdbAJCwRR9UMuNPdgwnObVmKCgwGZmZr4ZSDpDmdR7XdPOaJw6
hiXxvr6xAVuvVNrHfcVLsiqdKop4jG7/DHOZOG30/LvyOutt9GktBDCnIPAE+7/JHK7Gn4FGbOt
3VZxW5L5WWiRxzePYX4urjt68U/sQYxJRMqopRPhpGnguFAw6Ye6wpyvSg6nkZjeADyNSYn+W66
VR8IZafpnfGxFtnZRPgGiE3UAxL7YvP7AeG2APYepCtTnNybFPHQPkHSRtn4NK5BenrRfGBT/+M
4WdyYQ++4Kn5b8KoDr2HeU2SqNOru0VvEGa10emd6YOe2c7NgJGNcp0OeCzYsNZxLoZJru3CMZ3
+w5uyf2TEaCEKwCM0+FNYMTS7o+KFO7N1AdEG9Fz4HeIs4VeqOKFRf4+brBo8xK8AV/dT3aXxOR
z6TRR/wTNwKDuctwJQv03Tq4X+db+V6z/4nuyzSU/G3e7J0JtcuMgkP6txV2GVZPFMajwZckg0u
FZcu5HTkXJsa8x/JWRCcLxtzYin5GqRaOHYgksJ93ab2vTW4lvEUlxt841mgICndnUa1NSyC9rw
04mnaBSHBTFLjyKG1FOgYoeRkE9Lj/VCmmr1v5P9/AK2Ui5lGkV4ugsBOx6dqK9TuZ5uSaAa3fv
gIVHofBKckafpHBMpcdAWFUNnv3RcSIrCx6IOduGDJr8b3JuQIxCLg1u4HaJuSCqsINhch8B/4N
Tz72YuTzDfh3cGHfvmFrcxYgp4FTq1lc76nC7q6fbxMaRZVfjqcbFCTUbBVtg6mUapmDh/Ao1Vz
XUMml1JdBRqJhBfNcKxkj8oJ0+U1wjcqPcTTCvHljuMmNtLET0AVdgxSqUA1q/qg3dazHJ5YBDK
t34a5cmHQeXj8pXNalHhOpSSb2uHlau3cfxPTRPqhfKnkDPKFPNaqTNCF1Pmh/xDzbCVNaKkPK+
rLQW7p5VpA2cGCNBj38eaKwVEccH+NUmTVyxe+jH6QZdQa8GuawW1JYo6VSJGJycqmyVWcvH7m9
ZYQI7VObfvCb4D861QWIvkeytKM31BkHsxEEraJuI50AYxIs+1ZX/bz37IRBLq9AivLPCFZ20cr
OPT+IS2v4Dn0YIfDztxUH0lDfZ5b3e9QBsFVORp3o6Hw2WewktGlPHCfDrYsm/t0Dv368Hbq8HJ
CDdnw9syZCjD3mBTnYh2HQiHSbViOvOUnD3saFHZeONsuNM+9KXi/d1k1o3Y65Ud0wggS9AgEAM
A0GCSqGSIb3DQEBAQUABIIEpzCCBKMCAQACggEBAL4b1hfUFuggi3Jl2MSc96gleHkndRBqT6WQ
74qKuWVh41Awvt6e3eX0o6nS0z8h/FIOZVa3JgBSjEzdMacOgmAIKfmNRAh1CQ9dPFrvF4vXVbh
3R+rJoA7Iw5cDZBlKETrV0ETP2XL5ucg3UytzAt7Sr9M+4pLUQGnwtL+VDNb8+sdOcMfCgaKcFm
rnwH8SuCY+HbtCWSFqZ1cbgrEN03ZrKKWa90bTp0zCsYqzZNqDkcptRIw8DcGUq++qsmExvfDzr
E9/Yye9bNVaaLS2kTbNwKBeRf7hW2KKQFbVCgW4WOIFY0kpYxd7ZQpdht1gUE/NomIYJ2Jhdcm7
U3XqlLECAwEAAQKCAQAyhSM34dzUgxGLrRUV6sDFpm+Fgr7RRe80iHef0Y3DK2hE/y856e3+Fi0
IDEanGFj9VWYIzVMD8uvl4UI4qtpqusCs2KWjubZWpuhLIg6X0vmss8Yg1sP6KdAQaY5ISi6Z/A
gEwVd//m0oj8tCWKYCoOqosKV1b4JOpPDjmLB40PwT5T0B10IhZLfgrAwKofbT+bpyuNbfZv0K9
oxUvT9LYWtcF4aPdA7GqgwKAybHq0UYzc2Uggki4gKtlw9MHdzz0u1jnu42sJ7qjadVlWH/UwpV
uK5jmzcHmWFbzrFP2O6p0Jpq0AP/EcNKjbD0pxUuGF5RbbIuTQeXfG3z5pkhAoGBAO7qVBwUZCg
Q00QmZ46ZtvfSUYslFwrQhM21zVUJbV4tfPZYlK7cInQvlwxy3prCdpbROMcb78eL9aFCjaS2XY
A3e4ufpm6Ncu5a/Y2W5ScSw1N7EZHeIGj3rZu51b0WZZakUHupas4S7yApQT0cyg4Fru8yr+6WA
24bwhxEWl6nAoGBAMu0CUB8+lZih2vDy9sDm++DTlDJZDKPfOCCj5IH6YqtdkUm/+TUmuINZqMI
yowUulwpunPDFs3W6aGr6XnOYkcbbQ5dHbhuF9i+JY84rW/zhLLd/nGf9zx1rKanWD5B1zC88/1
yM0B7WY1A0Rg2D9K8OJ+FTwEAHq2nkHpVmPTnAoGAGuOks8RXwWqjXHg2D4adYSb6pn52KXFugP
iFM5zsAj18Yv11PnjoJ8tzZKNJCoH4duD1UvOB+SN3cb7b0j30KAoWjZBaWvbwiIMVJmplQBCMi
0i+oXwuiaHWmEBCHhX3OQ0lQcW/j5Hx99ysywQCebGKDsHVqzSXDj1xi1zmDuECgYBiwE236J6H
oE5cLNg3vaEr1LDzsx4S8MKuKD0noxRRuVPbpFNrgLHxImP+Z3WhwS6zHTuZgRseALDUQn32Ido
89IvC6dtNnHmNBmk47FYQLrLG7525Qb5engFr7TZ3P/3tT7zMwj8cZG/+bUywewzisYKVus+ZAZ
DdyJze4X48QwKBgQC5Q8YDafkPhO0/riXfHE4L5NnPLWX6t3TINt+eYYnF47Hph1o+TQTCSF9SK
BSZLFwpH1i/y1P/+z2rOuqrAuSkK462Uz6u7mslFVXb82baLM1Kf0h48Y+YuEJRlRVnNCpRHR3d
xo0q1Hy6tHThjXl2WXxTQEKyA7olA+T2uI6x1Q==
-----END PRIVATE KEY-----

B.2.4. id-Falcon512-ECDSA-P256

This example uses the following OID as definid in Open Quantum Safe, which correspond to NIST Round3 candidates:

https://github.com/open-quantum-safe/oqs-provider/blob/main/ALGORITHMS.md

id-falcon512 1.3.9999.3.1

A Falcon512-ECDSA-P256 public key:

-----BEGIN PUBLIC KEY-----
MIIEBTAMBgpghkgBhvprUAUDA4ID8wAwggPuMIIDjzAHBgUrzg8DAQOCA4IACZdJCeFxldpfuli
HAR1VY2ntR4Rc6Q9UvTsy6vo7xDbFSewjE1Ei4gmUTWz6PfkpoDkrOVqA4tkTvQZE23jQKVfglH
DziGZuOtsw2aCjXlJsIdJieTytFvEegdOsagJJLd3IjqQOu41LCiLGXLQ+widcNBcZ/Bs1oCANw
qJtjofEiRcUCie6vnMiMiLsMLl8S8MBn3CIDMB/319AmgQro0YqMjEsS3VBzIyCnkmwy3QAPN+m
oJkrrBDUqtLkXyh5vaeirZk9DnFDJc6Yq9Fz5yHVoE120ZjVyJBC0O8p2BX2YXm3YhOXWoDgo3v
gJhRlYHnUg28oMpaBav7V+0fyNAalD3dpLHGVqAVblvY6uDSLv1uBY9DcHMhPrHDBjaE1MbkBZp
wGrHQh4AM5p5pFwcAGSIKYZsiUmPWctwItvMV+ydsdQvEyISfBq+1FyLdTFqsQv4GfUlpk3MlZe
cvNVdSD2FjHgLOqkZZyqspZil4jCNRCUW64cSOOT7m0I6nC2U+s4Lcbh6yuu0z8mBcj0nWud1E1
WICEjviAo8dkevJMU63lOxbAXXe/ZSgJ8ZDhL4dXfSXLhFeg07aOmKFUah5a8i5JrFSnh6zku/L
nf1GyfdnDBiAcsYlxtFEjYkG8cTJIOwhRslem6TAJhtxSM+cHUKIQY+Dl6QmNFKR1wBGqap0w+A
WAtu4VK2rTSL6ENRmBB+pwStWl0+rAVjRtONLkCX7aSfh10yaaJBloTJ1NLqQI2aTBM0EcjhhmI
PBCgtf4+2bQTFLe0pKcW2aB7TvMHcUKyHQFMu5erQXbY1FmP1w2y5R+GK1myuJIQMrWCKZxd74d
nk5EaunOYxIGgslmINGjmKmzwTiuIwsF2oimRdMUla36Ss4nmcCzlONcQ1NKtdvXaWJotbGIIGs
xCFUvspsIdZemJ8MZxZIAotW5u12IaIgmiMdTUoH1O5mpjso5iUhynqlOqfw6aJbJH3+FxMT85P
N0UdzR65uiMfSiq/HVb0zhB0gJLrqpPAXaMgiYZHBqQqeQeB5pwTYM5xuiKIbW9KG+gBIOCimVG
mTUd5U+4hceULMCpaTff2636q/ofEAZlrfQC2aV/GAWx6iOm67AQMVTKG34XFqVY+C9eLyipwPq
FLAQt8WaxSAuEScapj1+xpCpUlUhm8Ca2AbvfEi9pit9Rj8y9t7TIpDmMFkwEwYHKoZIzj0CAQY
IKoZIzj0DAQcDQgAEFFnVIrPg3W3QEt95Z4WQn1cmoZV9tpo20FG9umA2B7CSaf7q9FwgVY7qvD
HymrF59in1pXEPnEWLZ9xLO5A6cg==
-----END PUBLIC KEY-----

which decodes as:

algorithm: AlgorithmIdentifier{id-Falcon512-ECDSA-P256}

subjectPublicKey: CompositePublicKey {
  SubjectPublicKeyInfo {
    algorithm: AlgorithmIdentifier {
      algorithm: id-falcon512
      }
    subjectPublicKey: <falcon key octet string>
    },
    SubjectPublicKeyInfo {
    algorithm: AlgorithmIdentifier {
      algorithm: ecPublicKey
      parameters: prime256v1
      }
    subjectPublicKey: <ec key octet string>
    }
  }

The corresponding explicit private key is as follows. Note that the PQ key comes from OpenQuantumSafe-openssl and is in the {privatekey || publickey} concatenated format. This may cause interoperability issues with some clients, and also makes the private keys appear larger than they would be if generated by a non-openssl client.

-----BEGIN PRIVATE KEY-----
MIII9gIBADAMBgpghkgBhvprUAUDBIII4TCCCN0wggiWAgEAMAcGBSvODwMBBIIIhgSCCIJZ+EB
+0I+BBBHBEB9A//69D3BA65EC9A/A//D/E/G5666D5+EA7787H/BE+CD868BJB8DDCC/+C98/+C
A669+A/93GB+/HB4AEB77+/D/4F+CF5+B86B5FA6AC+A7//6/+D+7CE9/GAAE8CE/DDD4+FK97B
AD489BA/6/AADC4C9B7B9//EA+FBE7BAFAAD9/BBC4G798/E6D/EB+FHCFDAABEDABB4BCAJAA+
CA46GBBB/8F9++C99+D4DD6F+AECAEBDDDE+A++GBD9+AEC9C/5/9A+D/EBF+DE/B/A48/E754B
/8A++495CCDABENGB37C6D5+92C9F8/D9HDH/AB76CFAA+CIAGBEJGA3JFB68BGBAAC6HDHC/6E
++8/9EHBE/BECF+7/5/CE7FD4+CD99BHB/w+/9BLB98/ACJ9FDB+/EA+CCDA+8988F+E8A8B5A5
D9/5995AAG//88+BHB9C+2B7GCH9CD56F956EACBDEB+AEDGL/D+6IB9GBFAD6CF6F7D6KD9D9D
DDEC/CED8E97B+45FCF1z6CDD9DBJFCA9/A+CCFDKG/+EA+A7BA79KABB7717C5/CB//+FC+/A9
E9C+7H7+CF/358GC//FBB46/+F/4/++B+A/B6G9DFB6G/8CE9B3+7C/D+FABB9/EDFAAEF+D6CD
88D7CDEFAI2HG87BGB/C+/A/ACDC/AFF/3/8F/E/D966B+97DBDB9EA/9D/FD8++8/B/AC5/A84
C9HDE+5DA/CDBFB1AC8FBFE/+/DA9AD/+85A+CE+D6+BB9/H5C+CDFCCE7+B/GD6+C/CEE8G7B+
AEC/F6ADA6CF9B+C8D+D+B+K+4ABAAA4/8CDE/A+FBD/9I/A79E/8++C/+AB79D2BE5F4C9+G/B
E/5+ID/A/AI//J/A+D5F8CA+9/EEEA+6DD98B4DHC8CDBI/C8BCC5IK+9+7CAFBH9BH3ABCDE/D
C9AGDD+8CC8EADBC/94F5B+6F8++EK6G8879BEECFCABC+6OvxsQz3+SHpzfP35AjW/Cfp9g7oB
P776gMtBxMJ3woSCuzpJi0p2dnrByfhDSreIBELDycfAgAo7AACKfYQ97kPBBMW9iYzOdNIGxjv
FuzxFQsWuy4qQxgDLBYe1AIBLPIqFgPj/fFo9vwDDO4W+vnq1fP68hkZCSDl/yfpGhTvHhHoB/X
b+STpCf0S5wMhyvIR2/L75BcC7xozCxH88fXHBy/1ChPZ+fsP/hsF+djx/+MKBesPzwP/+hcLBu
8MFxX53hwAKwYfPOkuLfjUBQfnId4IDeTfIUFkHhox+u8l9QUq4vgVBff1EwjVLhsC6w/z9hf1+
xESFeoHBewGCg8XtdDnCRjo0fcF0yDTEv4uzxYA0BT8++gIAQ708d/z79nS5/YO5fYi7RwJ9AoK
BOLsANLV3hP/Af/zDvS71RLv1dP25t2wGwfdNesxEgIlKgPzAfr85rAWDAkG7f4n+hMA+wzuJAg
RDwoVADYvBjoz6gjmAwcV2gf+4AT5BSgCAun97gX2+Qq39BUT39nx3/DAtxAZ3PgOCg8MKfAL9/
n+/eMHD9TuHu365OQE9/0BA87qyvX36BMOFB39OfXx/AsC0fb+39EJCuUS3BH75ub38Or6HuD2y
9wFAvK7BBYQFf0TGxAB6P/7GvwUBxMVA+sZJDEHMjwH9e8J2BFO1AMJl0kJ4XGV2l+6WIcBHVVj
ae1HhFzpD1S9OzLq+jvENsVJ7CMTUSLiCZRNbPo9+SmgOSs5WoDi2RO9BkTbeNApV+CUcPOIZm4
62zDZoKNeUmwh0mJ5PK0W8R6B06xqAkkt3ciOpA67jUsKIsZctD7CJ1w0Fxn8GzWgIA3Com2Oh8
SJFxQKJ7q+cyIyIuwwuXxLwwGfcIgMwH/fX0CaBCujRioyMSxLdUHMjIKeSbDLdAA836agmSusE
NSq0uRfKHm9p6KtmT0OcUMlzpir0XPnIdWgTXbRmNXIkELQ7ynYFfZhebdiE5dagOCje+AmFGVg
edSDbygyloFq/tX7R/I0BqUPd2kscZWoBVuW9jq4NIu/W4Fj0NwcyE+scMGNoTUxuQFmnAasdCH
gAzmnmkXBwAZIgphmyJSY9Zy3Ai28xX7J2x1C8TIhJ8Gr7UXIt1MWqxC/gZ9SWmTcyVl5y81V1I
PYWMeAs6qRlnKqylmKXiMI1EJRbrhxI45PubQjqcLZT6zgtxuHrK67TPyYFyPSda53UTVYgISO+
ICjx2R68kxTreU7FsBdd79lKAnxkOEvh1d9JcuEV6DTto6YoVRqHlryLkmsVKeHrOS78ud/UbJ9
2cMGIByxiXG0USNiQbxxMkg7CFGyV6bpMAmG3FIz5wdQohBj4OXpCY0UpHXAEapqnTD4BYC27hU
ratNIvoQ1GYEH6nBK1aXT6sBWNG040uQJftpJ+HXTJpokGWhMnU0upAjZpMEzQRyOGGYg8EKC1/
j7ZtBMUt7SkpxbZoHtO8wdxQrIdAUy7l6tBdtjUWY/XDbLlH4YrWbK4khAytYIpnF3vh2eTkRq6
c5jEgaCyWYg0aOYqbPBOK4jCwXaiKZF0xSVrfpKzieZwLOU41xDU0q129dpYmi1sYggazEIVS+y
mwh1l6YnwxnFkgCi1bm7XYhoiCaIx1NSgfU7mamOyjmJSHKeqU6p/Dpolskff4XExPzk83RR3NH
rm6Ix9KKr8dVvTOEHSAkuuqk8BdoyCJhkcGpCp5B4HmnBNgznG6Iohtb0ob6AEg4KKZUaZNR3lT
7iFx5QswKlpN9/brfqr+h8QBmWt9ALZpX8YBbHqI6brsBAxVMobfhcWpVj4L14vKKnA+oUsBC3x
ZrFIC4RJxqmPX7GkKlSVSGbwJrYBu98SL2mK31GPzL23tMikOYwQQIBADATBgcqhkjOPQIBBggq
hkjOPQMBBwQnMCUCAQEEICXQxbtuhGjYSkyLz+K0V0tRyxgEBlQcElOVwHZSA4QL
-----END PRIVATE KEY-----

B.2.6. id-SPHINCSsha256256frobust-ECDSA-P256

This example uses the following OID as definid in Open Quantum Safe:

https://github.com/open-quantum-safe/oqs-provider/blob/main/ALGORITHMS.md

id-sphincssha256256frobust 1.3.9999.6.6.1

A SPHINCSsha256256frobust-ECDSA-P256 public key:

-----BEGIN PUBLIC KEY-----
MIG/MAwGCmCGSAGG+mtQBQcDga4AMIGqME0wCAYGK84PBgYBA0EA6HRU4f2vmr2LV5vZVlaniti
Ly8ZCfheVqolJGrY5GxpNwvIt8fK6swNtftSgmrC+fCDE48/fbzX7a2U3F1/S3TBZMBMGByqGSM
49AgEGCCqGSM49AwEHA0IABFjKamMP3nn7Ua8Y8XEJtqnp7ya+Ino3UoxjMhhVKHx0fQxAz7lB7
Eytrtq3H7e59JYdkceK1h+T8jZFyUP5e0M=
-----END PUBLIC KEY-----

which decodes as:

algorithm: AlgorithmIdentifier{id-Dilithium3-ECDSA-P256}

subjectPublicKey: CompositePublicKey {
  SubjectPublicKeyInfo {
    algorithm: AlgorithmIdentifier {
      algorithm: id-sphincssha256256frobust
      }
    subjectPublicKey: <sphincs key octet string>
    },
    SubjectPublicKeyInfo {
    algorithm: AlgorithmIdentifier {
      algorithm: ecPublicKey
      parameters: prime256v1
      }
    subjectPublicKey: <ec octet string>
    }
  }

The corresponding explicit private key is as follows. Note that the PQ key comes from OpenQuantumSafe-openssl and is in the {privatekey || publickey} concatenated format. This may cause interoperability issues with some clients, and also makes the private keys appear larger than they would be if generated by a non-openssl client.

-----BEGIN PRIVATE KEY-----
MIIBMgIBADAMBgpghkgBhvprUAUHBIIBHTCCARkwgdMCAQAwCAYGK84PBgYBBIHDBIHA0PwPCww
Ulg3VLrZC7cGLqF0jRZrREj/l4kKF4JsLTjRR2P4RLqEm0qBa7ukb4ytHE6HDfM0h6dJ19F02hO
SO6Oh0VOH9r5q9i1eb2VZWp4rYi8vGQn4XlaqJSRq2ORsaTcLyLfHyurMDbX7UoJqwvnwgxOPP3
281+2tlNxdf0t3odFTh/a+avYtXm9lWVqeK2IvLxkJ+F5WqiUkatjkbGk3C8i3x8rqzA21+1KCa
sL58IMTjz99vNftrZTcXX9LdMEECAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQcEJzAlAgEBBCAwCM4
KKsZbXlaZBph1ixcUhlNiZ1qp4LnA90Nm/rArZw==
-----END PRIVATE KEY-----

B.2.7. id-Dilithium5-Falcon1024-ECDSA-P521

This example uses the following OID as definid in Open Quantum Safe:

https://github.com/open-quantum-safe/oqs-provider/blob/main/ALGORITHMS.md

id-dilithium5_aes 1.3.6.1.4.1.2.267.11.8.7
id-falcon1024 1.3.9999.3.4

A Dilithium5-Falcon1024-ECDSA-P521 public key:

-----BEGIN PUBLIC KEY-----
MIISADAMBgpghkgBhvprUAUFA4IR7gAwghHpMIIKNDANBgsrBgEEAQKCCwsIBwOCCiEAk2cZjM7
zZ6OzKssprE69H3WTaYIC1McjkUgD3uvSORYQwbUPEZFDach1iOJKkiXpb2nl91g0CJJzF2euQa
t5WK4jeS+vE+0iAGyRERTgO1V+XOAdbL/oXaltcsw2e9eaVkpXxeq7r13LHc2myoarAbUPhZWw7
0okF432s0RLmfacYE/uwj3TlrIHE17ELG7r75Vh5dLx+m4mDDXSpmdBe7z9jb7s3UIsxvsLpPm8
ddj8QOMY+Jq8YMvEKYWoNh/4+IMhkKQo1jFOuArFYBRmEZPp+CZDjzVlvEQQqDOCIriRRwqRqoM
0oRtpfws2gHHZy8VOqHZAtGdNhWhUvGo6xfcWAdFYxQIcNKHzZTlPh0MZcCrzd25nG0hgUe7dJk
kHV526G5eYLLThmUY6b2pLH+LQi15szrUHAl5pch5KYgQ0S55Ya5cTotRvet+Ej7URTrpERuVSE
5QftfB9lt/mcWzTQMEZyhH8MvTP9PayNbo1DbmDDLYnX7ts2sG+tC64hWNsMQQZ9oqXA1++VLC5
RES4NxJeXDRRCUE7rR37XD6WJWa8bnzEix46lSIT2YtRwVqKsEIzpjHs1BuwoMOAsVa15iLi/rx
7Cxw2r4RcAH9NviaKhS2elGu4cr9DpJhD4+bMi6pJ/jVU849nhfpfogXLPB/2HbHKdd3+6fs1nn
BfiPrIu004g9QPNdKMavtUA/l2gqpw7Qz5cgry6rpK47s2zicHYvEjHtIKCu72/9stEU5qYQ/7v
j2cfLzJ8WcpKFNnSZu1O4iO7V8VbdfDdKpA6VjoLBBrvoxLMf6p9UA1IjOnYH8py+C890SG0Rzm
oyFKaGVibYBYaB9nexbCvKzd3L4hq26UxDNiE/bd5Lb8bwd1a8tVapNfjs1jLaKOOvRwfaI2ETd
hT558ammPvdyksD0vicZXu3HrPGBHMA4rG3Hn44abcgF69JvnJaodVFzzQYPN5EpfKHKGh0E0w1
EVhtQ35mfmMn9h35frUqEfNYxB7wZ823tud7U/1BZ/gEhym1jlxicTgtE/zssbpUZ1m1t1mCL88
5ZqCJP1ws0fbtLQZNLVKKYPc1fJdG9KD0EruA9Tg7VNF6xn+eAdhoJ7h2r5Qup8fAAWZvr+c8iX
wXoKveA7zdq3uDlJMlfIPnaLNNwIPxLkwqtPnXm5+kA7Ax6AYkyAfVSd6I2kDMWSM12pyZ6DikZ
GZFEsBhERng7vfsYqyjdP8R415QWh7mHT7sGpw9VjCTNTgj4BidQ5wWBZ4I33ARqAe6NjFXr7Ff
cTGStUIYzMcayCUNpTr+qO3XMGDSjjvgJMyQYSOjKMvNN7wvm5Q3b8HtueZoPSfVK12KGkB6s/o
yWiZXJPD3IyC2d3qILwdH7dBAYBI1TVsTHwq/rw8Tt+2PMW+5w47xpR1/biDZcgGhxtxOj0l9q7
YYmWztrCx6s5Rea1GCFj7tKmtGKGrtUq6Omp01oERBrew5H7WXt1ibhGIXcYespWc8okCL2TFqc
jYTuacJle3gn+B6bUuThA9WYsi/7qvLrq6yxD1NFZS0bIRP3vrrlJ71PuVvuVQOUdva7AlqGZH9
UbwBQrmKEa1TYKJSobk7El3Agd42XRl/BYoh/Imtc0pMfzgd4eQgxTzeUrDqx5HD49HL5faIaUv
Xs+osfHamnWYvbmQve1DtFXaM7Eys8iyBuPljpJpoQQIbq0NAZvfLGMJ8YWAROMA5mtGQ2Z0G/e
OPsmcKlPF3LxUxakZfULqtmblGwqztrw0753HBrxqjhk008OsDyLMygMJ8f98bfQOiguYLgLInc
0zCY5GKuCIxMs+w/SLFPAEfPN9e1RhVKTBoGgQ12Fnu12zN0/9FLxtHhQebaPsFLc9mKxwzV4UL
hO/cJzUoK/RJopPl3vxtxsJzv3CZxchX2NgR6UJ6faQRi85ksW5dDt3yl9eqfl24NXbnbd1Yj5W
1THDQVFX83wb2SDk5/lLKlDRhUKJxOnHJ8KhI+Zcy/TmtbW9Kwj1S7gfe5ZtPq4DlwCMRexBXyJ
biBiQ5HEEbPQQ6QSBLVXC3jnCfLykYUE7nAYV+S4vcMawNt/tmgd6ozoPoo27Qj+Ae7kqOkfq2j
HSROZYDDQA7a5ja1s8ll7E0AZ5bTJOeveSZmfrYho1WdnT6AcTMQpWH+HSoyTkIXIfus98+Etud
15kZNTR3f0w+yXg+s4fg3j+Qrtnrg3TUkQBLIT9jZ8GWi+laso2nV7qXv/IXRqVppBbfe+y11wr
ULPDPgftpdwHMOQSAkbsthsmw3PWHAtTNaPbjDYDGO85KVEZli3sHifMxTIsxXBSChpVHJQb1Ck
H3C9iWOqDOKynrHeYsNONs0gTGFr0p59cA2PYkF7+Ms2l/eC8mTOSyG+Hn1EHGchIWPI6/QQsUT
7UXzmjTSPFQ6o54uSN5eWwUHhlc8iwGeGN4hwrDD9fWYrGcUKH9DCsRipZ6H3hSnYrOHasHFcu7
7iZNKuEJWtY2KP/fzfiYyXAxSz9GQgMqyDFJuyA6z25s5ogEsqawU+wbcCRvZNlfWimN9SB+sCk
SktfTlNNE+rl8ykIRz6jewP2n66VEFJ2Wwy2Hm7vHejC6GmF1pX5Z8UYU6LKQbKDmEZZI+7tkdv
Jr7XIR3TKqynkfyyWxyfPHpJANK0PawDNM4d3TOFK3ddCGpss3mKreIMrEmAzwzjoFClj4u+KuU
NWxwvqE9IeUGKVPT6AIiUStejOp9Xd4LejjACDjEqd3SLnoutEQZdeok3mSU0siEOad1j+y9js7
poOFjGlYuQ6QKPLNTL3yIOyDtCsCBtWxKhP5nY90fSLNefZLXNSrwNxxIt4AqpTAerNyp2Qmh+M
5m4FM2A00TPjayIFUS12ZlLH7jX7GmiN88/WyYMLQmXnnTQEMBmnj7bNTIOjf+XTOhptuFgpDX6
EeQjYQhVlHoCDvrG+r5pCemHm0RjHCYY7++TsaoaXCWvidfeKRh3a/p/6EHZhiO9WU8cKq6bfGj
ZnG4zwIdRTUTIwoPkY/mcX4cfXV0RaCai/VV06XM1wQ/uHFzS3HhFlCj7+7ICaqQL3glYeYqejn
Rj3Lzdy9rNXc1LebWiY/ZF//I69mrSyNqMO0JlQk+UCmtNxgS2tIWAXSEFqWv1Dy2iFmBhdgwVB
tyUjh2b+FOUjRAZVsMRqjpB9TbhGJaCHQ1Cu8bNWZQBkjouj3II0/Bw4+8iImHPCJzyfP3B6UDe
5BprNOWTQe5u7vL8H4b0wJznX06d0tyj1Kr+3On4EGcKnbJrYz+XYUn7HXDA/cFtTv7yKGHoiw6
Vp+Lc/J1csiB0DIrnpjD1BfcIXuVwKIISw6HluVOwNvhw6bomLi0xzvqCYwuQ/ExFRiMFhqroT6
a481aLdP77mFOWfBlANUw4ikSLIqjnb/8UlAtvpTgfyCqFHC6ywP8zYbPM8HXd+NCtiv7qFgxbM
IIHDzAHBgUrzg8DBAOCBwIACis020pTnVJ7JfkIgcdCJEXuQSQGD2l+eqj7pCgCoMlaSxHlsllS
oqobCw4q/MQl4emYMiAKISM6gmJetrdqLCos6fLImYmlzJPJLeDfgu4KxrsJ02HCl4Sgq7lE+Us
b++tThDa6Z/KAXT5mjfHwnPk2sGmYtJuSMITNAemd2k+gnxXLiqdbQZr4EhpTTsqqi8/lAi2Myw
d2gyGQ0SXq8slTZv3JRymSLIAtDRqM27OTPFUiDs8SJM49ARNPOy2CKSlZrP4PPY4qk1Ais5XWG
L2Oqh5BbFIsQTudCuta5o6YvbH/BU4v7HvKOVlpIpZRSiC4cZe5nnRRUHKv/wZoQgjuwognnhxF
pI6FcCBfIWiF4kT+7Yc2U+SAJBXleEElctaNlWJRLInBluBem4qsUDz2VxapptzX44texlRR9So
7axphOqL0miqQJUKJ2WdvSzPIO9baF7+koWozd5xfapmXxh4eZqxwfdjf44MprjYocpD/pGUcFY
YNaSs+n0leqoAcke96d0dUOBVp8pnWvzVYKwKHjLkEqU5CDxFHozb8SvUtRxIFhKAF7cuQaNEbX
Zp7HIxMwUYQ21+I+6pW7m+06h6l0h0hInLU9NyCFz1guZHY4tx2tvrA89PbQQAgGzYqU7XO05LG
RgsSsjtD3UvGZD6U15DDVAEUsfFfpYq92I9mmW8WUdG6MquuYR4tvsraahggzZoEmdgENPgnBTb
UKA0g+hYswUqsavMnRINsXMSrVCAX4iMMD4Cj2kyepie41kebqMhLZtWrCK0mixHWUsx/UPPnxS
LTI6IiAVbKdWUmUTAGpaiFkSa6RwymZ3ojBh0ZGqQwXvcWLwAe+XhRuKRAPWjBAgxqn1SdktkXE
3lLqWOHOcPErpQbN2uj/H4VqNahLR9YnYHgQ2ucto5gaRcCn5vu8rUWjWGgIng4MsA4tbL4o91h
MGRubsC4S3m6ZYTmA89MM4Ztm0MSzm9ZTvphUj8FxmOmTEr6XmazkLLod0woXJZc2kZpJunFY4T
3l3D8VOpnhSBkMoaR26QBBt9gv4zRnAJW6t0j/rzZM5kx4S5apcRBpIw2GmXg+dsbWzlSIctarV
WysFAqKatYNE5Hg0YRj0c44KggIvJhKOmxQhvTHzQ6YPJlDnc0eInI20+2Xb42C1JCPuYvSfAIL
muREFblgJYevDIgEw6di/Lc9ZSF7wkUTyDN2ERsmd1LdRj1q92VkpGmFoERPPXdDv9cGKAhi8Ju
iblqtawkvrYSdJXz5sZdmYbqFhsVcpniiqIWNzp2OiiWY069IoEr8l1Qq62Qc65H+gpqskG90io
KuItaYZ+3q3Ixym5AnhQ+T0h1I1A2MJgRKyyVGCCSBnpGiKbR2mcR0zAdlVTLrETRKThmKw5Y+Y
3l3mV9EiZqkZJL49t/ChYQe6ahLzLNqsf0oLJ+FOr2A+4dO9yCm8aCErEOmLMF50cxpLk42W14e
Cx6VjGtFBXc+XI6qleGVXX3iG9KHyBK+/mluyHYCHNmFI4qCWVHid90N6JwGg0Xf2QBzNI/Ag44
RtzwUZ0Nt3YAU0UO8b2gObgkYo0T6jyKTMuZSiAK9KNOnQJ1xUUCyZCtDo7kLJLyAvm0dKAciS3
BTFrmmlaPxvj1eYhOT0bbxfXN/Dn1C2F0pqJw5uMK9wGZg5E2samnM2xGTuJe1dqy/IY40RySuh
K5ZMZQ+DXooWO1m2u9JsNkKUcFGqCji+XqoCihJAXU6k1v/nAHMGxXDix1M/AbbFnpKvDVJUieU
NUIV2j2T+r6cDObnR1GB1f5Q6gcOX8niatmnnLicXBN4jCdrRh6x9mPJuBBwSgsguRHhVDL0yAd
gXYQkBtHGfJGxQgGFFmboEiFXpayQXkaZfpmRfaI5ajindqU1PljkyVBqgr12bo4lriW7IDRQQD
hY38bbUDRZ+rMSGAntqdIIoiVTXThCegPJrT6aol/EB6thiYVPoW9ny6Gu6HoVDVBQLNgK10fpG
qg66a/l2U9chpvZZMBMfAEWw+QRLvjrFphFwm3epRLPUZSQOZ30/xnnArZ42bvPrxHdvDQvKtuF
dgWEMVgjftqspD5h9he4TYgyZCQrLLXg4og0BLlM4XpIxnnlqGb2yOOjLATAVelsIk7ik7th1RQ
68+faC64dCct3waMmZDy/QhbSogKAchXKGvxREAAptxZuD5x0Fu+RZD3KzPPzq5NbdsWmqwExCM
46EkwZN5jMevFMI22fTMEbegBAGWkN4NfXCrSGAjhFLQ9vPejQvtCRWpSDVqDfhgXqZjscL6R+b
k6CzhgutWbH8QAmNLvQyIb14Y5EnbYhWcD/tR4We/uPerllsiEyAHZq+tdARkkAn03JVE0Bx3rS
GOU1gCuPuJpLhgwgZswEAYHKoZIzj0CAQYFK4EEACMDgYYABACe7fcRLUKh2ESJPrFIHMHXIkRf
7dmWI1wcsU8uKT0v93+Vv0YVE+LD91AsAww9UZo9w5eFh6vDouzG8+DoxVen/gCuCcHQX8To6xL
2GnQ70El/sQmsjAt+Q7B39US1fxDcD+Ek8GGtTakgR/hMf5EklevMPw4tdKUQtcRD6PiyWNU4qw
==
-----END PUBLIC KEY-----

which decodes as:

algorithm: AlgorithmIdentifier{id-Dilithium5-Falcon1024-ECDSA-P521}

subjectPublicKey: CompositePublicKey {
  SubjectPublicKeyInfo {
    algorithm: AlgorithmIdentifier {
      algorithm: id-dilithium5_aes
      }
    subjectPublicKey: <dilithium key octet string>
    },
    SubjectPublicKeyInfo {
    algorithm: AlgorithmIdentifier {
      algorithm: id-falcon1024
      }
    subjectPublicKey: <falcon octet string>
    },
    SubjectPublicKeyInfo {
    algorithm: AlgorithmIdentifier {
      algorithm: ecPublicKey
      parameters: secp521r1
      }
    subjectPublicKey: <ec octet string>
    }
  }

The corresponding explicit private key is as follows. Note that the PQ key comes from OpenQuantumSafe-openssl and is in the {privatekey || publickey} concatenated format. This may cause interoperability issues with some clients, and also makes the private keys appear larger than they would be if generated by a non-openssl client.

-----BEGIN PRIVATE KEY-----
MIIt0wIBADAMBgpghkgBhvprUAUFBIItvjCCLbowgh06AgEAMA0GCysGAQQBAoILCwgHBIIdJAS
CHSCTZxmMzvNno7MqyymsTr0fdZNpggLUxyORSAPe69I5FjzKTYFpPVhB7JGUKAqSznDCS/KS6z
MW0zqC8zFogMoPxhy9c/Vx5RyOr1xJ6nHvu6aBxQKrN9G5d8hABzPepIZCAhDAlmgYkwHjMk4TS
IZkNglMAAGAwI1buEgEJzBJQG4awwmQxJCbOARJwIEYKWTDEHCSRFHjkoTStHCEBEniQIwjFIwY
pSyZEiQLgWEiMREQlxBcFgDbFGHhFk1YJFGAgmxUQoDRNGHAsFEBBWgAFmBKBiwDAYDaJDDUFkG
YwkUDuU3jAmxJQonhCDEMFTKUQjEUESAAoIzjFGEIR3JcQo5ZBpKDBiILGQIhOWaJliEDRCwEGY
xcMCFkElCSFGKcslALApAYKYpYxo3ZCHGbMigJBiLUwo0TEGDaBgwSFYKkNnAIJQocx20RBAEjg
kAiADGaJmYLSGniwBEYFGzEEnIigYhbSAhKMhEQpnEZAW1iGHJQsmRTIogMoSkEFFLTgCQEGTFj
AITZQEzYAA4TkQwCmExUSCWSBGBDkg1MBIGRJGCZpiHJKGgQJYxIIAgiBWSDxo1AEo4bQyIKMAw
IJSnZhoTDBEWJAilUooDQqIBBkgiUgDACo0EUJyKKwmAMSQrIFkohMSnDMgBRhJBgNIiZMC5MEi
qESFIjBIrDkkzCyC0ZKUWiGC0RkSligAFYwhAjAyoKw3EJqSwAgAgBgDEhNRAQSQLQQEFCMDAcB
UTiECASsm0QRSxbQJLBtgBgFjLbsIkjQBBMQFJMRE2gtHAEqY3aJo4ESJABJmkDOSFbxgAERjFM
MlLZMGWIpASjtCwDCXEDA5LiSCUkSGbioBHAEBFTOAYBBSHTQE0MBo2Tgm2kqGlAGDFQgpGTonA
gQhEcQRCAFmYCpHEiFGWDEmUINTLLCASABI2Dwm1BEiAAkwFZFGRhJiEToiSEsCRCNmZSJJAas4
kQBw0IokBYskFEJgiiIAIKBCmSAGbAMhFKBgARtA2AMGCJMo6DFkhhCE3LqI3DBiaUponSJDAKg
oXEKHEImECURmDBSAIKQU5KSEJjAi0CsgRRBpJLKG2AJA1JJobhJALSwAXKoCAEADEEoYygEgHD
loiglgyZsghDRkrkhkCKkGDIKA4aEI6hRJIRNE4cEGTAECajqEkRIyQMgAURp2UMBUnEKCBkRiT
gAEgQIiEiuSGCwAjigoBQRAwSRk2EEAQREFJjMIkIEy4AFwBhtmwkpYQKoBGQgA3choVcJCAEpo
0hNyRAQC1AOI4EBIbAIiVMEEVjQhAiFUBLFCaKBC5DNmiCkiwaBAkaRCDEIJASRE2YRlKAkokYk
EmMmIwMs22LOFHkJG0aQSlcuE0LpEwZtXDTxkmRCIWKNAQcRCEABFEkl2EkQ4AICWngGAwDwiRb
RookIQEYhzGMFIHDpIAUlWhSRoJZEjEBlBAgFC6buImZAgHhRooBAXBjwk2Mlo0boWEApYRZBAi
csimbMAkixC3jMhIaEwmQlhHcIi1kgmUcGChMgkyJNAzYhokkQ26hIEqQRGqBuAEAkSgEpDFcFA
qUBI5AqGxCJmXYFoRakgwaJ00ghkiUpI0hhG1ZmHEgAUwZAmGJNArEIk5LCDIZBkIIkUjIBgJBC
DIbQUHaGIBRCAAah2QUMogbyIyCJmkBQixSKGHcCAZCoizBtAjMwmkJwgkkCBAEuGxhQmYAwCkB
k2GgRBKZIExJoiRZMmaixGkRlIUcmHCQJIWZOArKSCbcyEUYICmEOCDjQAKYNjLSOJECNoKQBE4
RAi1RSAHhhIDgME6cQkgZQQEIKEVZBoIASVGYxAGCtm1LJgwABUjCxHBBNiUBuGDilEwhGIAIqA
HTAlAMGCggqA3MQEhZgomTMnHUOJIKEwSZok1YxGACNQ2cJGmIKCkEwTBUgGHKwIkgIAoAB4oCN
QFiRghJKHAAGYHSRGYCJwkRSDBIJm2REiAEFYIYoyjKpCTLkEFAuEkLwACKJITQBHBKAFIRB00T
FZAIwWWSoECBECLgQGjiEgkJREjoGjomhOi1h8Z8ICorSdRFQp4Nmw2sHJ+4+oc3CjikdZLNd32
RBNQ7N5Rb2dMIsCImgQB++SDZQ+nl3hJldUjxQAFzKyLSb5F+4hXvLRv6RgOzBUK/CquggEuV13
gJT1iAjLZAngXa75ugw2FCY6B17b5hy4SNCYx1yVT1MuLcgDDULUZaN30EaSs8CceG2Upsnvc/e
StQnXRkGkY9y5dLslqqAQA6/g9HEODmgiShn7FQkK+mxNSKSbxcLC3tcf/3yJAEPVkbiA1TEq0m
QBhLeCkORzn9dEIKH21yv2bnZcu6xGMTkg6mwCLdJ78fxZYqc4W5hpLsU/Ky9jWLJ1a9UAHPS+/
pnr1/5EqPwo/L9uUSwsM82RgrqlQAZQaFsYWt3jFWtrvIKR+ZV8j48NKQf2j1vL3vbR3RF6TNiI
tyGu7R2X+kQT+Hyau78eH8bxyWenaGVrQaeBlpjzx4iyVwGE/qvikvlJoSIWm6Uxygyzzoqj9GC
1chO3hMr5OLIiM0LOkLrd/A5GFhufo9x68NzD3anuUil1vQuWD+obD7T4MxSZzHfRsaqFoh3v5U
dOaCex+ZfOkX62qRFM2xOswxKYPpvZikzDNZ61WfQFCdYKeGVa809MgdcqCeenKb+FzecPW9i9d
P7GCA6knVcKRZenfc+L29sAFoB6+wl79mt/dQX/81wDMgV3O1imdPuZUqq9FS3XH3tVYjpZS0jq
f6y0fi7VAhil5ZwFfYQa+9V3ALvRVo31UgMwEq6lEreYlPHXzfaJ7rrToNi8cCEuS99wfEkOqj9
uK1VrsXl+CulpoidZ9uX1HsxsSIejZaxfkJowcwAt+51o6fUxBFDMo1FDE8mvh7pG8V28jN1k2z
qe54J/Mm3zyqnfNy1OXHWYWJWTnjBTOOgrVbHQ9AAazq8U4nI6m6PD8I7xfukh0eJ6W8xpWXKwD
3F9kwe0gXF7cGIuHLTy5uCNWDn2ANjTLqgxzLsL/lQ/NFEOoKT4DVF6rWXqYdQp/Q4EEHkQOERe
kw9zzIK7aMhSm5O6FPQzQwbLRVVZLqp8Z/zBJDKN9s/MtI4BQ7FHfCVuPfLVUJPJ5baFtLkBXYN
G+7s/eOOgpG9zb8Nk6kRCNIYNOtuNcnkj4JfwDPCDQL7Oagl0ecoRhVo42yWk952hC/+TUDOt2q
Z941MQ7aRQ4XvlK1fgClYBEIfg7Zg5RyZg/xt9eNNPRmYs27QTDScba6cT7dGlEVkDox+364z8V
QznxcEAepPedqt2rYFH7gqEFS8wW5LQMEqSkD/CyQJhGlmZIQT1IvwC7Q+iRKfIiLzyG30j8cnS
HVRn05VvST60BVcrDXgLgdY49STnebgJJES6cW2b0/hyNJh0/QeVWQE5xJoh6+D7JNj5p51vahQ
4gsEI0KppuThC+HJ/nWyerpB0PQh184dkIn/SdwAR2sJGqznDLUfYv7ynU+bgYwId9AKdEvp1pJ
SFTtVuToHHeYr+qHRDD1Db2wi0TwuoMlQNZTeAlisRwP2bWLZ4M4OSIjPaJp3TdOwxTAxGDadGX
W3q9l+RGRO75XpBXtlkGO/JXkTvJWoucKxC4JBlfiGKjMESes2288fUHRQHmJANimxnvs7YIr24
5Jug8y3Xt1MU8s1mxB0V1eUASDDGCG4unzahp6sHswFNkcOEa7ulP5m80wvaXXRsf3s8u9czFWy
fCa0uHYmEA+W8VxXPs/chuWzcTpG1PG3bfZeqNvg5ZeV579F2c+zCePjGBKVf0iiJKb1YCL/dEV
zix3jxxO8ZKIsVsXx+40AhJoCuJzfzugoN1qvWu0bqw+nMa88JyqPU9d4sKiUQzCy9rsOggcs+i
Y3kfMddkfYnICNUB4Yko14cOxzzOLj+N7B3Viir+A+BtOf13++Pl/JRk2kgWnruu0l5o8cwZlAl
CPyFVptidXxzsQvwOqOluflUl8RLmcxFZWuxnmODAzVtnSXSCapwK28/D56/FNGm7OVlPeQpKLv
cNKqIPJppiTmQtWR10675uczYMT68X0bA3MHZTQinCaPA+f5CgX05e/ypERDi3eAxZ/XUQzvUmd
e8kNsHVDBsrIEmK8bUf6nYCpED4hdQffxGulZLJ5z3iwubDYqqH1OPppHT+0eGdu87/FfZKiZZ0
UTFsvH+HSqSDjZmfTua1eKMMoDadSiO8jGoudHwxOEwCg3Ku/CJp8NeohUQuEWcWZa8Ao+xQUCU
JSu9mKCF6hzyBP26AalqskNRfRTyqoOijWuk152IX/Ex2ew2tHbOICcb9gzoBfVWlwNeeUFyfHK
G1a5p+T1c8bfjSTYDELnCjmflndAyl9MGzWD4xxVtRgiM4Jr53FKyWBRnBxX2WMDpaJ4D8ewr6g
FN8vvGAa4XzejwJS/y6ckuLSFMxdtBXd7L1OUiyuGZyXAAPryq9EdQCTtFm83Ypvk+97iPoU119
5vWKY8Z/j4KFOiPu/CIRCrGK6O+/YGhj4zZOuxcu3pTlkeBFrX41LhCPlTMqBlt0KUjUHUcj+gu
AE1bxxwlk2Z+U/bs0PcmTq2unL19pO7n72JV3QKeSGK9NF8j9wN1l6iAJnpq/28v+tHXhoEWmoy
nsMzDg05P0FsIVIF9W0mFJ9KsmgZVTEvYXnw6Fib2wvh49atk4a0nF58FDoKO9gux9JTKMhPDqs
E+c5nGREFxw9VuLViumLLdsKFgjI0t3/ATe0b9VnLRdzhKzV8d+eLiAeuMnrm4g/Fln1Ezacw0D
OhHoFQx4qX/FKps6DE0782OEUnAQKl7ijfZ/OGTLpKLnO5Pca81GczPJVpu2GghJgRhCYU/vm+l
/zruaJ3Jzngi4Jq+tfo4Z4hyPKSij63LGNtozrxVjp/G38rmhKrkAK0k6be3QLFjJWshvB11Jh6
zOmfW0PeyN6FvbG4jY4fMPiHYTikBaFccQEuI9qWwGvYv8qoqCsV1SfeKUq50NPbypg4CyzhqWr
OUmya3Zl7+lFk3c7021dB052bQJ6gIA9Ulru065I/lApAFesYDgmKu9W/kJk71woNltWedqJ8an
uGSBKt1BDW6dG1nZOzrRy2hkvH+rGL7sJzgbDAx1/qfZn5axxPXYXJd1rNuIPR6Wc/ixCHeD9Tm
hblq9AYEeYQL9oBZysdMBxsrReDNUIK+ZItzCIYg1cPNPLquImO+IOm2he91L9uWZUvGXLkw8k0
Kmt3VfFTLeM65byXOqrsslOip0WFg4K5W3MNxiNbm7cnIL/Nhw5Jk/IfLnzKqUEGqJUybtGTruP
97iFNIVR3aHX8R2l+bacQ88dwNGSJsW7K82hNXO4FlXp2JvkAmOuRssycB9j2z/6S3VzgryzNNJ
wgHN10EJ5TJb/KXCZtjGMKNj7EBN7o879dtyYc+16Fc64SEMpKJIc1rcPoAH52x0pT+nZDUZwpE
eIA4h4W2QP1HxXxgOnD/PbaIBQKA7j3o+TTVCxgrOyaNmpgPqMoCp+jGNwPpJ4S5etWd6IdL7Wm
4Nt1QA9sdvXWwS1OU0avGGRc/4ROFhIYCdH7H7LOXqZXnoGCG3JLepgXJ8QxrUf8pZ9rdaBMhbU
eLzOw1kiX0S0wrowWUlapmcjspYHjfB/1x5Ob9SlA9uodyBvRVYCBsJvZu4OBIELuPeeL4g4IZi
tqjK0o5iV0QPzNBt8BZ4FA9PrUb66o4zKAnIo3u3m/K9I/AY3G+h7nk5WW8tQHLLdYg/NRwe+62
XcRa6yVix6fJ5qJDT+010FOk7gCmnevpoqHRGWU2+h9CviQdRtlAiwZLqA+dXi/DAVBlhBsROkZ
SQjknZiOnpHE9aEY+BGIddFzQdZjFbXxmJZEhMolGX133AaY/gbLVrumDNPuEpPeXw1bo/cOB7d
A9wM7MUN02QnMDIfGFxJFIrORNI+CwGssrI1E0ad2p1Of7WPGBawCPB/tfonKveNO0og3utFsbN
LBOQcJQIstjZMW2IrfJ5cMzBC3bAikEaBSmvSiUgMMJbv2A5p5y15TFu4X7S+/2L1CALutccwSp
TLIJetH93DLW9Ewnzyhd6vtQDMr66wxtgqwlGf81FHCASMpgJ++zF+zf7XJav48y9XAHZNPaM4Y
F9ly8kh4TvCflH+OP3MVGOfyfwMtUgcPNqT+TCrSyWkZk723HZnI0wz4r561GbH1UBuY9blEc/X
LPKesLxMgz9Xhkj2ItOwrIRxxZ+MIzOVRGKw+iOnbJrAqGuwfw6pv4kw3MMuIhayaJXK8w1oBmg
Wl4XR6bRPIsrQ1x0Xc2pU/PcRXTdJ129qIKXCZpqpYzbc1rCXRhDS0CGMa6kN/8+tzmymDZ0RpS
I0m9O2OnHqfxQ/H4oqV+YdF+QH9ymvs8XjNlkoa4NwHV+zU5sEYs+IGFPyJU8g8qsqQ0n58Coer
v45o1fdmGAw40xn8Esyy/uDgLBZhH3KH2VnVk6Rk2cZjM7zZ6OzKssprE69H3WTaYIC1McjkUgD
3uvSORYQwbUPEZFDach1iOJKkiXpb2nl91g0CJJzF2euQat5WK4jeS+vE+0iAGyRERTgO1V+XOA
dbL/oXaltcsw2e9eaVkpXxeq7r13LHc2myoarAbUPhZWw70okF432s0RLmfacYE/uwj3TlrIHE1
7ELG7r75Vh5dLx+m4mDDXSpmdBe7z9jb7s3UIsxvsLpPm8ddj8QOMY+Jq8YMvEKYWoNh/4+IMhk
KQo1jFOuArFYBRmEZPp+CZDjzVlvEQQqDOCIriRRwqRqoM0oRtpfws2gHHZy8VOqHZAtGdNhWhU
vGo6xfcWAdFYxQIcNKHzZTlPh0MZcCrzd25nG0hgUe7dJkkHV526G5eYLLThmUY6b2pLH+LQi15
szrUHAl5pch5KYgQ0S55Ya5cTotRvet+Ej7URTrpERuVSE5QftfB9lt/mcWzTQMEZyhH8MvTP9P
ayNbo1DbmDDLYnX7ts2sG+tC64hWNsMQQZ9oqXA1++VLC5RES4NxJeXDRRCUE7rR37XD6WJWa8b
nzEix46lSIT2YtRwVqKsEIzpjHs1BuwoMOAsVa15iLi/rx7Cxw2r4RcAH9NviaKhS2elGu4cr9D
pJhD4+bMi6pJ/jVU849nhfpfogXLPB/2HbHKdd3+6fs1nnBfiPrIu004g9QPNdKMavtUA/l2gqp
w7Qz5cgry6rpK47s2zicHYvEjHtIKCu72/9stEU5qYQ/7vj2cfLzJ8WcpKFNnSZu1O4iO7V8Vbd
fDdKpA6VjoLBBrvoxLMf6p9UA1IjOnYH8py+C890SG0RzmoyFKaGVibYBYaB9nexbCvKzd3L4hq
26UxDNiE/bd5Lb8bwd1a8tVapNfjs1jLaKOOvRwfaI2ETdhT558ammPvdyksD0vicZXu3HrPGBH
MA4rG3Hn44abcgF69JvnJaodVFzzQYPN5EpfKHKGh0E0w1EVhtQ35mfmMn9h35frUqEfNYxB7wZ
823tud7U/1BZ/gEhym1jlxicTgtE/zssbpUZ1m1t1mCL885ZqCJP1ws0fbtLQZNLVKKYPc1fJdG
9KD0EruA9Tg7VNF6xn+eAdhoJ7h2r5Qup8fAAWZvr+c8iXwXoKveA7zdq3uDlJMlfIPnaLNNwIP
xLkwqtPnXm5+kA7Ax6AYkyAfVSd6I2kDMWSM12pyZ6DikZGZFEsBhERng7vfsYqyjdP8R415QWh
7mHT7sGpw9VjCTNTgj4BidQ5wWBZ4I33ARqAe6NjFXr7FfcTGStUIYzMcayCUNpTr+qO3XMGDSj
jvgJMyQYSOjKMvNN7wvm5Q3b8HtueZoPSfVK12KGkB6s/oyWiZXJPD3IyC2d3qILwdH7dBAYBI1
TVsTHwq/rw8Tt+2PMW+5w47xpR1/biDZcgGhxtxOj0l9q7YYmWztrCx6s5Rea1GCFj7tKmtGKGr
tUq6Omp01oERBrew5H7WXt1ibhGIXcYespWc8okCL2TFqcjYTuacJle3gn+B6bUuThA9WYsi/7q
vLrq6yxD1NFZS0bIRP3vrrlJ71PuVvuVQOUdva7AlqGZH9UbwBQrmKEa1TYKJSobk7El3Agd42X
Rl/BYoh/Imtc0pMfzgd4eQgxTzeUrDqx5HD49HL5faIaUvXs+osfHamnWYvbmQve1DtFXaM7Eys
8iyBuPljpJpoQQIbq0NAZvfLGMJ8YWAROMA5mtGQ2Z0G/eOPsmcKlPF3LxUxakZfULqtmblGwqz
trw0753HBrxqjhk008OsDyLMygMJ8f98bfQOiguYLgLInc0zCY5GKuCIxMs+w/SLFPAEfPN9e1R
hVKTBoGgQ12Fnu12zN0/9FLxtHhQebaPsFLc9mKxwzV4ULhO/cJzUoK/RJopPl3vxtxsJzv3CZx
chX2NgR6UJ6faQRi85ksW5dDt3yl9eqfl24NXbnbd1Yj5W1THDQVFX83wb2SDk5/lLKlDRhUKJx
OnHJ8KhI+Zcy/TmtbW9Kwj1S7gfe5ZtPq4DlwCMRexBXyJbiBiQ5HEEbPQQ6QSBLVXC3jnCfLyk
YUE7nAYV+S4vcMawNt/tmgd6ozoPoo27Qj+Ae7kqOkfq2jHSROZYDDQA7a5ja1s8ll7E0AZ5bTJ
OeveSZmfrYho1WdnT6AcTMQpWH+HSoyTkIXIfus98+Etud15kZNTR3f0w+yXg+s4fg3j+Qrtnrg
3TUkQBLIT9jZ8GWi+laso2nV7qXv/IXRqVppBbfe+y11wrULPDPgftpdwHMOQSAkbsthsmw3PWH
AtTNaPbjDYDGO85KVEZli3sHifMxTIsxXBSChpVHJQb1CkH3C9iWOqDOKynrHeYsNONs0gTGFr0
p59cA2PYkF7+Ms2l/eC8mTOSyG+Hn1EHGchIWPI6/QQsUT7UXzmjTSPFQ6o54uSN5eWwUHhlc8i
wGeGN4hwrDD9fWYrGcUKH9DCsRipZ6H3hSnYrOHasHFcu77iZNKuEJWtY2KP/fzfiYyXAxSz9GQ
gMqyDFJuyA6z25s5ogEsqawU+wbcCRvZNlfWimN9SB+sCkSktfTlNNE+rl8ykIRz6jewP2n66VE
FJ2Wwy2Hm7vHejC6GmF1pX5Z8UYU6LKQbKDmEZZI+7tkdvJr7XIR3TKqynkfyyWxyfPHpJANK0P
awDNM4d3TOFK3ddCGpss3mKreIMrEmAzwzjoFClj4u+KuUNWxwvqE9IeUGKVPT6AIiUStejOp9X
d4LejjACDjEqd3SLnoutEQZdeok3mSU0siEOad1j+y9js7poOFjGlYuQ6QKPLNTL3yIOyDtCsCB
tWxKhP5nY90fSLNefZLXNSrwNxxIt4AqpTAerNyp2Qmh+M5m4FM2A00TPjayIFUS12ZlLH7jX7G
miN88/WyYMLQmXnnTQEMBmnj7bNTIOjf+XTOhptuFgpDX6EeQjYQhVlHoCDvrG+r5pCemHm0RjH
CYY7++TsaoaXCWvidfeKRh3a/p/6EHZhiO9WU8cKq6bfGjZnG4zwIdRTUTIwoPkY/mcX4cfXV0R
aCai/VV06XM1wQ/uHFzS3HhFlCj7+7ICaqQL3glYeYqejnRj3Lzdy9rNXc1LebWiY/ZF//I69mr
SyNqMO0JlQk+UCmtNxgS2tIWAXSEFqWv1Dy2iFmBhdgwVBtyUjh2b+FOUjRAZVsMRqjpB9TbhGJ
aCHQ1Cu8bNWZQBkjouj3II0/Bw4+8iImHPCJzyfP3B6UDe5BprNOWTQe5u7vL8H4b0wJznX06d0
tyj1Kr+3On4EGcKnbJrYz+XYUn7HXDA/cFtTv7yKGHoiw6Vp+Lc/J1csiB0DIrnpjD1BfcIXuVw
KIISw6HluVOwNvhw6bomLi0xzvqCYwuQ/ExFRiMFhqroT6a481aLdP77mFOWfBlANUw4ikSLIqj
nb/8UlAtvpTgfyCqFHC6ywP8zYbPM8HXd+NCtiv7qFgxbMIIQFgIBADAHBgUrzg8DBASCEAYEgh
ACWv8CMwB5Dz2RgBwIufCPvvhILYQBB8HfgAIXRi0PYtgAD4NB4AnOhB8KwdELmQg94nAB7/ndc
GAHvf4MAP+/0QA5B7pNA5/ROeGMIQgB8QA/B8Pv/H0IPdADnjC6AHveAH4fh9/XfjEAQO9+PfQk
4EAPBMLvhm+IOwAB74QECD4Rn6AvQeAAIgiEUn+8AEAQcD4XfADnvec94g//GIBO7GAJRhLnvu/
6Hww958wgB8LnPfHz5fBEA/wA6AIOiCIAvjGL4PfL44Q9+QQ9+98XRB//3AB8IIfmEAWwkCMphB
D4hfA+QaPAGH//DF0IfcAMHQhBsARBEIBA/CD4AlyEYvhIDYxe/8fh/6IN8/yAAQd30X/h8QHOA
CEYwfFrXAB2b6Bd6QhOEH4nwDGP4hA4PQR/HoIDDAH4QD74P//B0Aej3/oOAIIROD6P5dEN/nvh
EP+gAF//wgDzowc+EnQ++L/wDD73gfIIAjdD8Xv8D4YCi38Axd4P+hl0a//CCIAv/B0OzdAAfg+
ATpgiF8HBh+EAPBF/3Ok94IfBCAAPDH/3/g1wABg0XQCi6MIQ/+IIee/s4Q/ET/SgEIHeA6IAg9
1vwvhKEwwB/4Y9cF/3hDD74PhELpxAED5Oh2MwAACEgv938Xkd97Yig+QoOiBoIB+EMAAf+MAPe
/0P//7vwAAEQYR9ELgie58vxi90Gwb6D4Pj5/oRfB4PyCCEAPB+QIBj/8PSf4L/g/H7ZA/6M3ff
93wy89//QA+Uwgf94uzeKIXw94EJP7+Puwd9/gA/J8YABEH/hC6L/eCCHnQ7/7ovg8DufECEgxk
F/ZABJr4gEGAZSgDoPxD6QQREB8QgA2b4BdGIP+/8Ln9j58gA6GMIfCKP3gfH4fRAH/fvjCEHf+
7sZOe6UReiyYAwhEEfwj+IBObCL3wd+QoQ/5z6RfIDwSf98YfF/8IOhEUHtAKToQ954IQh78QQ9
F0RQiyT4fgAAWjE97YS8CQfxAJ4AgbAUIAiD4RycD0Xj+ALwg9+H3dhIH//CB7wAi74IBi8Avxc
zz4fi7wIfaB8gfe8EIiD9kPcg/4Xh9JsHBCCQpO/78gegH/u//D4PAc+T/fG8H4ggB8YQC73/wf
CIQgf7oAOD+MfPfF8Hge+AfRC9/4PD8HwO/EIHv85/3fcB7gO/B0XP/+IRPiGEIBA93Qh/AT5O/
AX3Qc8Lv+kF/+/g8EPBB2MQPfAL//e8QQBiAEBP9GL5jfIIIwi8IwP7zsYfbEIgAiAT/gAAPwf8
AAYidD/hPh8IYeiD0QBBL7ohB/0IA+N4IB8575BA4AQy+/4fwcD4PAcz8f+fB8Ac/CLgQ7B0JAB
6AYxkGLwgCJ4ovhGDfP8EU3vhB8ZQc8AOh+8L4PgAIPfGCD4+b9/4SgF7mv6DwQP9/zmv+H/vtg
7zwAhCEIfm0MQ/H0Lm8iB4XijL8P9+D0wgl/zoPkCEIwhCEPu7B3ovB/7/9hGLwSbD7oBEGL4PB
+EIihD4BAAMAXw9/zYwfD8XBGAAYhE58QwBB8nvf/ogQi/rQ9i6LQhi533wFD8YUDAX3iBB4v/Z
B8XvhFoAA/EEHxh6MYvc8Q3BZCABfCB0oh8EE4PjB35RE90X+kMIYC9D0YwfMMXQh9/n99B8J/f
CMHfBNknt+/vgNCB/og/CEYNgIDowi2L4fgyIXg/F/4AgGMIyeCHwQg9/wyA5/89CPIN1OgFB/M
4Cw75+RAtF/L89BD3I/oaGv/uF+YwEQrrJikx8RXj7SPWCjL+AxYU3vjt6hQPAAbO9+cV9AP6Hg
bxq+wW8xf+IQAKCCv88dwjLufbChAm/f4IJfP3Ms0l+hH/AQX99SHb6fQl/sYK4QcC3u4JACry/
CcPCP7hAAITCvYuBBLp3f4aCPXR8hEGFCXc6xIg3rsVBNsC8Q30ANrY4wra8AIaAOIW+R017cTy
IBzv3g/m+PHzDP/ixwAOEy0pCfcD8/AXOhn66wn5Fhgu8gEkDxUKA+//DQb2CxHXHwv4+h0GBt3
+KfUZ/vXF8g8cDA8NFTzI3hju/AsB/xIOUvrPGQ4RBCPqBAP3GwHo5u8K7Pri6/kf/+bHBvgCCf
/+HO3PCPkK7A/99hwP9v4NFxvYDg/v89nqMAcpFfgWyAzlCfAYBRDjJ/nyCfYBBQog9RDl3hj6E
PgNHgMND/QZ6BMc7SMkDQcl4xAmKPELGekgF/MR/ur1DTTxJijxEfv9FQYLERwbAx7sLNvhDRMf
+Cgd5+/fBSIMBukF+uwlL7UkH/oO3Qz5/f747vEMGBMN//XlA9LWBBIADh/u4fMM+PDy8wD04wD
V5vUWAPsB7BMU2RboKiEcCOn47P4VG/zv+SLvNScBHQ8iIfUP8vsFEdoH/Qf+6BzlJfL0Ju/zCw
wW7gEE+fntK+cfDw7tIBD71QgACRoX3Pf/Dt/09OkWKwUsJvbrG/EE//oZ8uX80NkLAtsrEe0EB
dQJChgV6/j2ExkYDw7zD+QaC/oG8tcqAw71LCPh5+n66vsQ/u7kzuknGrzmPPf9+hwI+vEpNej5
Gdnk+wjzHNrrESAO6Ajj7SgL7wHuDPn+FvrtBPH15fH9GRjrIAL9D904C/QDWCIDCPzpEDAR9SA
IAdwP6hbv/RsJHt378uQT+QTx6u4J6yMsIwT43CUjFAXm7xTwFzHfAQkLBgjxKvUQ5+EWH/Ee/B
QH4w/s9Rb58z3aKR8c8+Uy9v8S//Ef/yIh4+E9OAEJB/H0IfsBRfblDh3u5Csi/PsLDeIOBh3q/
fP7EPj+AiQH8xUADP0YDOUX8dYOG/0KBeYECPn06DkHFQYXE8zuFuLuEPwsEfUN3+EZ/s4IC88G
A/Pg+fjqHAPzG9Ig/9cIDP/8HA3nAQgO/iP09soOCOkkyhId49bXGfH6I9zx+QnnDv0j8wr9ATA
Z6gkUAevqGQoiD+4C9xwWGPb5CC3NzdoG6Oz2Dxv/FgDkJhnX5BIK6kAe5/8JBhUg2OUh2NnyBB
3zD/DeLAPw9MfmChIp5ybS8wL79/ArFuHo4gQo7trs7vLxBQIN9/oB5NXT5Nz5Hvvg9wLZ6NwRE
AorNNtKU51SeyX5CIHHQiRF7kEkBg9pfnqo+6QoAqDJWksR5bJZUqKqGwsOKvzEJeHpmDIgCiEj
OoJiXra3aiwqLOnyyJmJpcyTyS3g34LuCsa7CdNhwpeEoKu5RPlLG/vrU4Q2umfygF0+Zo3x8Jz
5NrBpmLSbkjCEzQHpndpPoJ8Vy4qnW0Ga+BIaU07KqovP5QItjMsHdoMhkNEl6vLJU2b9yUcpki
yALQ0ajNuzkzxVIg7PEiTOPQETTzstgikpWaz+Dz2OKpNQIrOV1hi9jqoeQWxSLEE7nQrrWuaOm
L2x/wVOL+x7yjlZaSKWUUoguHGXuZ50UVByr/8GaEII7sKIJ54cRaSOhXAgXyFoheJE/u2HNlPk
gCQV5XhBJXLWjZViUSyJwZbgXpuKrFA89lcWqabc1+OLXsZUUfUqO2saYTqi9JoqkCVCidlnb0s
zyDvW2he/pKFqM3ecX2qZl8YeHmascH3Y3+ODKa42KHKQ/6RlHBWGDWkrPp9JXqqAHJHvendHVD
gVafKZ1r81WCsCh4y5BKlOQg8RR6M2/Er1LUcSBYSgBe3LkGjRG12aexyMTMFGENtfiPuqVu5vt
OoepdIdISJy1PTcghc9YLmR2OLcdrb6wPPT20EAIBs2KlO1ztOSxkYLErI7Q91LxmQ+lNeQw1QB
FLHxX6WKvdiPZplvFlHRujKrrmEeLb7K2moYIM2aBJnYBDT4JwU21CgNIPoWLMFKrGrzJ0SDbFz
Eq1QgF+IjDA+Ao9pMnqYnuNZHm6jIS2bVqwitJosR1lLMf1Dz58Ui0yOiIgFWynVlJlEwBqWohZ
EmukcMpmd6IwYdGRqkMF73Fi8AHvl4UbikQD1owQIMap9UnZLZFxN5S6ljhznDxK6UGzdro/x+F
ajWoS0fWJ2B4ENrnLaOYGkXAp+b7vK1Fo1hoCJ4ODLAOLWy+KPdYTBkbm7AuEt5umWE5gPPTDOG
bZtDEs5vWU76YVI/BcZjpkxK+l5ms5Cy6HdMKFyWXNpGaSbpxWOE95dw/FTqZ4UgZDKGkdukAQb
fYL+M0ZwCVurdI/682TOZMeEuWqXEQaSMNhpl4PnbG1s5UiHLWq1VsrBQKimrWDROR4NGEY9HOO
CoICLyYSjpsUIb0x80OmDyZQ53NHiJyNtPtl2+NgtSQj7mL0nwCC5rkRBW5YCWHrwyIBMOnYvy3
PWUhe8JFE8gzdhEbJndS3UY9avdlZKRphaBETz13Q7/XBigIYvCbom5arWsJL62EnSV8+bGXZmG
6hYbFXKZ4oqiFjc6djoolmNOvSKBK/JdUKutkHOuR/oKarJBvdIqCriLWmGft6tyMcpuQJ4UPk9
IdSNQNjCYESsslRggkgZ6Roim0dpnEdMwHZVUy6xE0Sk4ZisOWPmN5d5lfRImapGSS+PbfwoWEH
umoS8yzarH9KCyfhTq9gPuHTvcgpvGghKxDpizBedHMaS5ONlteHgselYxrRQV3PlyOqpXhlV19
4hvSh8gSvv5pbsh2AhzZhSOKgllR4nfdDeicBoNF39kAczSPwIOOEbc8FGdDbd2AFNFDvG9oDm4
JGKNE+o8ikzLmUogCvSjTp0CdcVFAsmQrQ6O5CyS8gL5tHSgHIktwUxa5ppWj8b49XmITk9G28X
1zfw59QthdKaicObjCvcBmYORNrGppzNsRk7iXtXasvyGONEckroSuWTGUPg16KFjtZtrvSbDZC
lHBRqgo4vl6qAooSQF1OpNb/5wBzBsVw4sdTPwG2xZ6Srw1SVInlDVCFdo9k/q+nAzm50dRgdX+
UOoHDl/J4mrZp5y4nFwTeIwna0YesfZjybgQcEoLILkR4VQy9MgHYF2EJAbRxnyRsUIBhRZm6BI
hV6WskF5GmX6ZkX2iOWo4p3alNT5Y5MlQaoK9dm6OJa4luyA0UEA4WN/G21A0WfqzEhgJ7anSCK
IlU104QnoDya0+mqJfxAerYYmFT6FvZ8uhruh6FQ1QUCzYCtdH6RqoOumv5dlPXIab2WTATHwBF
sPkES746xaYRcJt3qUSz1GUkDmd9P8Z5wK2eNm7z68R3bw0LyrbhXYFhDFYI37arKQ+YfYXuE2I
MmQkKyy14OKINAS5TOF6SMZ55ahm9sjjoywEwFXpbCJO4pO7YdUUOvPn2guuHQnLd8GjJmQ8v0I
W0qICgHIVyhr8URAAKbcWbg+cdBbvkWQ9yszz86uTW3bFpqsBMQjOOhJMGTeYzHrxTCNtn0zBG3
oAQBlpDeDX1wq0hgI4RS0Pbz3o0L7QkVqUg1ag34YF6mY7HC+kfm5Ogs4YLrVmx/EAJjS70MiG9
eGORJ22IVnA/7UeFnv7j3q5ZbIhMgB2avrXQEZJAJ9NyVRNAcd60hjlNYArj7iaS4YMGACAQAwE
AYHKoZIzj0CAQYFK4EEACMESTBHAgEBBEIAfbPfqWQAs6tcNrUTlvGz4AvC0yS1MTufh+TBYwVR
QvZEWy25jzS0xieI4U/rDU8DwgkYnKsVa7FPZxN9P4X608E=
-----END PRIVATE KEY-----

B.2.8. id-Dilithium5-Falcon1024-RSA

This example uses the following OID as definid in Open Quantum Safe:

https://github.com/open-quantum-safe/oqs-provider/blob/main/ALGORITHMS.md

id-dilithium5_aes 1.3.6.1.4.1.2.267.11.8.7
id-falcon1024 1.3.9999.3.4

A Dilithium5-Falcon1024-RSA public key:

-----BEGIN PUBLIC KEY-----
MIITCDAMBgpghkgBhvprUAUGA4IS9gAwghLxMIIKNDANBgsrBgEEAQKCCwsIBwOCCiEAe917+DD
A5n3xWbiwXKbeSyMbvRfnoPBlVHZ7DWje8aT9Z9YSWG4+l0K5gAcPqQ+wWBuIAL+S1HgOBPuOGg
yS54ci6fATlQ85kgWlqgqWppckTX+DVEcp6PW6R5hGAjuCjtPDC2JfL/adZ94s6m7+SuQ22MjF6
QpkYzlwPmpnsyYsSHxO6npaGHpvx0g/zigOVs/wLHmihRK8IAzngMkzue398NvpvEmdv6S8lGEU
j9M8jImxDFlfj4jHCICtQlJIiXYjr/Y91LViH+XI0hH2X4BVmh+ebamMgjBMCO0JdoL5U6MRtEu
Rz1N1v2RiEupPpYAuqtyv/p7CRWQ760U77buCu0UppUPTNHis7FBvssei44sxv9atlFebbIpbXg
4+LqEycSm/MLBdXQ1ZJx9pMno4ttCgmg7mR0Z9E5hcPkCBYyejXnm8CtoEmSkt8H4+PssqtYspr
mBCenslKWqq62IRzPtCrb4b+snt3rPDhrEre6f2a4lpy4okT35H9ZE5pZd3DJPRMwOfRBG06XWG
sCh0pS2+Bca/68Q1FqLikogxa8DIGMtzKRJzaTACH5wW6YqHLwdNSYj++phQosygnsBNGaYP6Pk
OizF4jVjkET1Khjjj3/YrEc4vQ3MEv+4eBeN4HPLULE5S+e7i1cKOiiSTLrov1Mb0XNrAZEjYfE
O/t66DwLZARqr7BVAP/qgUu1sstbz9GkZwssJ/h5ILGALjMSkX/SAS72l7IBsWDq/ozcaJP9Ztp
YJXyLYbOQKDt8xcbkDOg+idlVChzYWABvfAT2Sks50ruL0Ttf1+bbGKezGYoUyBM6rPHrYgCTTK
NbVJPfTIOZ4LFdG2qYZTMSvcMqUYGzN7p335JGVtplKiiXBjHQbhlNFna+pd5VCJCTvYh+DwHnH
w02rU8PzFrH+Yr0vcXa4tzJLfl9WNYAFf0pJxK63OGGxC+91PVQMorz4zE4WAveIRqXYc8+waNI
p/+chFXAfT43X85TfaKEbI2FjfBXkSXKRDM4RdzHwlSsSC/gNA7Uy7phndqxrLI+18wOVXtwXT4
11Rk/RIBXw1HddPk7wXYi8UQ2DGMdg3zNdDk9C4H0OvLttX+X9jynJAcoB5ioTb/Y7KNMftUVLs
tL0IuoJ2A/+9pZzRtkdNBmgw98QgtadfLnpnvQX8a00HpoOi+XIk+buA5+zXNVKWxKznF82x4k5
qlccDjkgQdYFYmr2Mc1t479WBRiSrlC/ELpnm7lCA7wLIUO+u6SFJZxcfS7IiDvehprxUd0BQEN
8fvNLY5qFZq2LtzBk6RegRrtQdT8LyO56wF9DSfPx0wZwk6eTRII3mTbbpzLGsZXKeSBPVRveRA
5CXQeZDKTkYt3Tn4vcTbYgjf7xpNmNMntB1ozG6g3SN6sCFkAr9tEbkeIbI3CToMGdO0PpCzXRW
tmhY/GVmpsC+M0k9Lm4yHg2Ju+zwPskaHGruJZaH+u3z03TbSE3Zy4Ksku80mBb/x5auJgUfS4M
GkS4pfSCSkHYf/AJzDOMIqSJaTKrmSQ4yENQNX+dAjfL95LHzYarjIOosmLOW5+gtxh/hyKxw2l
oeg1ZNKbP4UHTC7RpNqZaBQ9w80q9LiBeD1lLn5ZATWDYleWtRvWX04hiFsduNwuSad7lTSdwVk
8CYfAM7/3LouTMrlzv5xva+5Ununeb4QYnrSOeahi4eIolMJr9bp9vwrxoMVeD6vGskL3EEZOj1
R+te7s8xtHZFqMhzI8PuvADaBZVHKU6gNoKSL1zcY/fDK8jH/lLXRjbNAW8zuxrRQpaGaYQePfC
fVFOPS5uWdX6o0F3RQbTta3o7lMiAytwVpyMB+ubHk+h8HhgaOpVCIXR0NIC6tbIMkFj/HlnM7q
A7AqBcmjq+pGKYpxFKiAMR6H/Am2lzDLmHZHhHXPU+mUn1+4vcm0ick/X2jlItm0d9g9zoDRScx
VBE4TqoA7i/tiKrNmsPzepGLG5XRnia7Ob/Y2y8hKe6e0pv/4heatS6W27oLbq6HladNRwzdUHr
M6cB6uqzliQwW2BFctNhQXqzmbsmqxRNaIqbMO2YAxVTTHGD7UFMtPlbpCUkoHjn5wVaQrOORrn
wokF1qE5Lm4x4fwqDUEnn1IKNHvPMTrCGv2Vm2zFGpMIpGLOMRYTc/ybNORLjT+jNaS2pODBtnQ
uJzmxzoHZ9VcGwtWhVi1iGreZdADwLjOBZn/wZ3r027FK2iNFsOmf15nKno4qH63TWLb5aPA/MS
0xeOYljjxcEIn0Uz++sRS+aRSvE7CMCtM76kWVs9muGguf+Dz/wE6ig5WAD3WdO+eJ17hkoibdC
ZfL/Alm3+65G8DbbOa73pZXErvFBXYHqj3x96mwwCETADiDiHt8wxD4brEVK8qSgZoYtYLNRuhX
1ZIe8J88x7NsUKGHQ8SJ6aWGnc8VsuBipV38rDsG+f98e/3l0j1++vguiURp1B+sOco1H3oa5ds
Ajfq1On1rXwnqPJ/yj3OQPlEhX8KmJOpcTuSgfhFq4uhC4I9w7VvsVOpv+FYr7tESGpPmyYp/OU
2r5ZYlwEMBsdeD6myOK45wSLX3g+xDP1GIEQApRD0lwlvlirqPAUgdsWvI44ez9ZSHuBBW3dmPx
3iFH0HJqXyUpAV3MUY3d7kTIUhq1Ji51nKzFEAG2dAq3oUDBVxfuWaGwuCl4RE6Pqyynw3jOCSO
XePx9ohYUTJLfpBeeD1smsITdyQku0bC6Iwq28NZzN8RqHZNqPtat1gMGDoCJhj4m/6cSvjsryB
BrzJARf3pIEKCsMgobbkQ/j1woO5USYe6a4G58SoPbQX4bFMmbIxPpWhxw475HQbJMrzGnPBOxY
RRhIhIYona//Y9/8qY674cDSQ+UFkJ6ZaW3oB8M0igW3QJ5mcsT/yxrjXAVAUh99AUfANjXr9Op
0xO19dmRk7I8YdphiW6JgkebmG/SyACCFSnJ3jHqy57hk+RWE6na078qRkdOPLdIPXyJEuy51sb
qg+T/PmeBrH9BJWqExALXtoyNUV+QvUVBwfFU9edLqwAumk3jx2huCzw/khTwsckM+MQ7RS4Aax
Yr/DPZM5vS7GErRKIomHZrqH2BED4SKT9k6Z9vjBBPAH9HnOeEIt1yXrS+kB6TKXVOf5vwQ3ch4
dg3hurYkg2zkgQ76hTReuY3jWQl5XKDEJYkhLctCniZYdr7GB/Oiaw7f/bCS5uvBmdRYVhgbABf
zPZmrSCEEiHX2Do971T66JwHOhnAzVBbIq8PM/2ffxMLYOtdFj03N/RGdoBW21JXCl9igBdi8V0
E3ACQAxxFfOWsRVvO6TiSliDZYaS6ms14EOdR9MsWP5VJjd39FzXx0rYjRPHNcuZnc+a2GlgPKL
OXb0jBe2Ype86z5RqrLAedpYCr0ek3XjwOVZk7gvKMbrAf9S4EJKSIHZUSKEnZHNlEQUlNv+RSM
IIHDzAHBgUrzg8DBAOCBwIACkYmV6hg0H5ZBCPAiUwsVRS5UCOpTnRdVVf8wvZlAM7Ttesjmq4a
qsYbhHyuF3udFASyaaVT+p3dM0qzx7NWCBSgC6HxQmWQbSzwtxfzu/mS1ZEUWDG9t5H0QcRXZJ8
rLKSGdCriouqAbAcUENRYR3kT1WV6Kst6l7bkCK5Yi7R0+dSGqSwTnZrAll2CO6YBcU7tezeA6n
uaDAqv3ukSiqAvg3TQC4enH24S/1k/YEBYqoOAdRsDolEzB1nNoyPGTvC9YisOGE2mXoMtatCf1
star4nAq2ryCi49Bic1byNNkcFyZs5j9DzazcHo1yCtHdG6pF9EKWp7K4wbRIF1asF71w4OsZYp
XWnDglZwm5dp1EcM8mdvUrEKLlOTRC4kXc5DYdGRynDFdcfAGnOwDc432+MUbkorJVWuu2msV8n
i7e09Np2hhhV+h/xh9eOApL0o+4YrrWsa0eFRL676T92wxTWcAXV6prUN3b6r4DD3A8Tviuixhz
oNQYICziEJILYabqzpF8F0ePVyFZfr5arU+bjv1+yfOpqTcxMnEeArqwjdfheFggvNF31lNhr6+
G4GdRjMqk6hdHr1DTteljubNVcDem7HcLAeshsaJkUMdGaHEbqdjAbCbeMRh+r9UrpuqGRV5YYy
n5KphH1aBx4tmGlglTMMmGvoSjAwpB050TYbBMLHlLCWWklfjIZZbqaelxkuzsc6gdhPA8xJqna
k6FvMNwGMa1ix4jNj4ZtUGzhwlLiRoyUNKpu1pmgFpaVw9hoirTBasTNDZnraOjBUqQRpYcWAxp
u/k32E6IiEYC2wFKNFWvicogMrLFdhIIk02eeZnJIu6mWaZ3p2LK6p/FnFhtJgq+LbggXIIBHlB
u56+Zqhkwm2aDGjKv9AoFCS1FTgim5bJTQ7t9QKFAUodFvdiSHKH6UnXjRExbp6TRbruTpeYJhK
RR5EI5PnQuxt+MRm5E0JgoEi0QxTOWsWoNOtn2tBVv1yipESLsQWCrlel2X4sPSNlh+mfFexqFc
KGMmJoXAsGXrJl6TgDxwo7PqjBJIyfBJgOaRmr23GtAoSiCGguOz4d5RHNLqJYzeIDr1qLEiP2v
Kt9eqDOKJRYrn0OdLLBxWc17npXzYZTRJZU+uOjWL8qqQCzDWdmLGWEoIiIpF1TavaAZ2XGkkgl
ViudaYgqiRxpXazbpxojNofBV8YoycOXRgelhMKgnFqS9vlaFzacyRHSAUB62CpiAGWUZIir6Jm
JuFR80TlOINR27UPLR4tFkIle116cooG4uooNBrdCwbZ6MAIsVnZJiz8maRE+jYK5EBMZxEIKwA
LEkxRgycvV52q+/qijZvaLNUXr5xqHrADASX8og3sdHDdvWk2B1dnqQuaRbvjXKs/gIUywGbXQI
LeJXBp22qOFiOyWmsuiOyDNuRNlXc2YVvDItOtorLbE5ViruDK5YWdDKwWOUsSKrqFzUCrBAzfn
2ggWGRLeC6q3FvyVaGWYBRRvqYtnMhZiRnaWqACbbSRZzp6IlzlxxirkH3yKHdFpm/eT2pcQWhb
tIjZ41bzjnxptQEYkGdt+xNL2a1EXK+ZqkYsmeRqYY1bdwZIurl6qukKRqSoTZaVJ5m7t7/akZq
ceAvxIsBm4jpRiRVKbPjoYZDbpIeKgGPCohREYdflk8argu7ECVvgBX4M/8DtAGVqzjb05FD+m4
baFuchuoZ6JBsPxOK2RPtmYIwZtfYTMFIZDoW4nzay0DystB5W/MU9XdFhE9TrRlniJPXD1AOIt
pUFqx2Mc0ZM+ahhDiAaolhGigYtzoIWNI+qJuo5Rz7dpA3skXTa7GccKiSVYotpoK0qMNkJOCRk
gEDp06+EfcpwICnBALn0ifoYDrT+XhGcrfSUeedrXej7GsmolxJb2r9y+2YThv+0MpIns6+TYVq
IB/7axbg0cmsKLt9guAQ4FejKZrTxilPGMq8Srnv1R8e7nP9zrc3uXN76UcTda4Op/1gfFnNNXv
yhsoxaA5XkEmUI6Ho5rcArwNo3XcqixU+We3ToBv4gpksU10YwRgu9McX4+YUHnLK3ytgndEYsq
YYmEM6NOtECd6RVWEkfAs9fGFiEcwPvDY1ebRtKQEuNnvGcFY0e3i4qVlbPXGUrftgH2QgUIGkb
RuDVCyNheYV9kX9EiKdildUETwVvkULCh1DpwBkpm994RjL29FSOHMzLYAbaiDOKiCQWA5l/RYb
YSk0CVwiAthxipC1GDQa/ZYRMwB0aa0p3R7CnwcAqdHMgZ0a/CNoW7VglSJMKaN7iaOprUFMlZW
rcG4io3mzjrZ1Jjr2387EO3p54fFVSXN17HDxD1Qh5atqoNNCaX0+hz/uaKmA5LHQosc82FhUZR
JcB5Do0eiHfQrAwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQCc8x0qq2jSuQhAVnTB
LJpeYHeUa/x4tZlLUhbTziOADVcmHwJaupEXAzViCqoQ0Nk44ZmR9sdDPatz/Pil55Ssrv6NAEt
GHV5HWkdU0AxAtcUD5YXQbNCNEDVyAtVKlbYBokr+jS7Ed7In3+5fts5tenP0oCaAD+gi8zbrNf
fFXowZMzCZByQaz2JkvQZjS79tx6YxEHWeTdnmIUpg+ueluRGRw2+hSAFBdPIZXLKDbSR9WrTsS
/kEBmrcKZEbEIyPnyq4iHvivtpi0rgqGjprGvFo2GTvoJ76GOdZEutkU0et+CEbtmexUmySf399
o8EufEf293W37DggP6aA6ipIf9knBIekPjueWaxOY6AU3aG++htyVL0rlgcxwLKFEqXIM6WvTeP
G1mkcVNsQSkFr2Z5+Bn/+vYVBJYx1EDTqNj0/fZY1MasYDuWXImx83iCbmBIGzZ7BCAgFL9rc8r
iKAw5IRVQWXCEX3g8x4UbQb9L0gq1MnqxVsn5g5MjpG8MCAwEAAQ==
-----END PUBLIC KEY-----

which decodes as:

algorithm: AlgorithmIdentifier{id-Dilithium5-Falcon1024-ECDSA-P521}

subjectPublicKey: CompositePublicKey {
  SubjectPublicKeyInfo {
    algorithm: AlgorithmIdentifier {
      algorithm: id-dilithium5_aes
      }
    subjectPublicKey: <dilithium key octet string>
    },
    SubjectPublicKeyInfo {
    algorithm: AlgorithmIdentifier {
      algorithm: id-falcon1024
      }
    subjectPublicKey: <falcon octet string>
    },
    SubjectPublicKeyInfo {
    algorithm: AlgorithmIdentifier {
      algorithm: rsaEncryption
      parameters: NULL
      }
    subjectPublicKey: <rsa octet string>
    }
  }

The corresponding explicit private key is as follows. Note that the PQ key comes from OpenQuantumSafe-openssl and is in the {privatekey || publickey} concatenated format. This may cause interoperability issues with some clients, and also makes the private keys appear larger than they would be if generated by a non-openssl client.

-----BEGIN PRIVATE KEY-----
MII0cwIBADAMBgpghkgBhvprUAUGBII0XjCCNFowgh06AgEAMA0GCysGAQQBAoILCwgHBIIdJAS
CHSB73Xv4MMDmffFZuLBcpt5LIxu9F+eg8GVUdnsNaN7xpPsrCOsO/QRu+GObWvZMyX4xyy1QlL
3gZf/HpZhmrF4PHSrex35iMpaLkpu4IP+2fjaA+NXYOO0Swi3DRp9d2XxKwmGDMIkiKQQTI5Bjk
I0Qh4GZGHEJxzAUt4wCsolCtmDKpEhkFJIEApELuECCQCbRNoWKBiHguBCSgiijNG1iNGKisnGL
poTCuEiUBoAJBCCRCFEbQCChpCWJEoIZR4pbRiQJqI0IxQmBQJGhyBHiCAHhsoGYiEGKtoDTAGA
jtggZmG0aFJEkpxEhASyUFCzCQoQJAIwME0CMiAHQJGUDpyWMKEzCqEkURiIQMgkBARAkAyTYRg
6IiEVESE4CR0FkNFCAAHGTFkYMlkibRjFZmBCJkmGMwAgURZGKSDIjMIRaRohIkGyIICpkNgXbB
kXTgI3MEi5REmlauIHQCGTaBDLglIgYmCEMAy7aooQKNShLwgUABCQjAYiToEgBJFDcskkAsQki
BnEkGEygIIVARE1RxilTwo3LNIURCUxkFFBJpFBMAnHkhIEZIJKhECqQGAoSAG5SwAkhiAgDuZD
ZkmQKwo0DIzBIsnDCpiVEIkqgiCDjhGjYMDEJIkDQEm7QxDFiBCDUJGxIRAFcxkUisGziAIQjEm
oIMxGApkiaxE0IwImAKIAcho2MoGGLhEkTRCEcwEVIGHJICC6CtmVhNAbJiBEUuE0cmI0jGE4SQ
WQUFFLbMJICBCmYhAkCRlDLOGYaEQoMBJIQJmULEYFEFijTqAgKR2YLBpISQkbTCARJlmyCxGGh
QgnkKGwEQyLcKImMiHHaRi1jRiokERFQlAHkOIYkF0EhxojJkGnZIi0QtmVUFCgjQykYtUmLoE0
LRRAKh4gLRY4EBYhjCCmgxIxatAETiTBaQjKjIAJUOARjBgWgMIFTSDAKxWmQJgkBIwCYQGaSpH
CTgGCaMmQMhCRaxAQJRGHECCUiNoHgICEkFGabJoGAGISElonARAEkqWwcNJLMlgwRomkBhynUI
i3Coi0YBkUCxWTYECyAJEAEIE6SBFAjRmQCpYXUGJFcIgpSuCUZFEAbM2RcAG4RAlCUSGwSl4HC
uG3TsggZgAVUSCbbIDIExZBAIgJYGCrLuCUaQowaNYYYNjJZsmmjtCwjsoULIArRREpKmCwQGSX
IElETAEngEkLhQikCkQ2aBIEgw0QZQjFKECTMEAYjhQXbRi7BJCwaACrcRk6ioHEbsgEjQIocMX
KQGFJUwCFiJJGbtEXiliFhFChikiEZJ4QaIAiiGFHBEnEaJYUJiDCbEg3ROAkbFWiDxGHSMjDZI
IrABpGkRk4hkyUZGE0KE0jBMGFYAoWQpmzBAISCIo1JMowUoAUhtEwIsIAKNFJSBoVEAkIcB5Ji
pInDBC6IGIKIxGiZRiCItAkCSEZAqIALRhHbEEwQgwgjSCDMFCQEiVGQgEQZuFAQCBERFiVJIkI
DKEhLhG3KAkqUiCgiSTAkiYgjhDEhFEgLoG0LMo7bKFLUKCCMImHBNkBZIEEYooxCJi0YqWEJlS
wDmWFaAkLYuC3RphEaQDLiwnEJljFKJIoMEWwChm2UEgUkMBIZsEACBXBLNAUSlwFaFGrToJCjA
gHJhGSjogQBGXAZEQ1QqCgZsiGShAzAhIDiREEZpXEREDKKRIQZNSLIpg0MowyShoEBJyXARFKR
SFLBxmwahEkEkAzjQIoLppCiqIUhOAVTlDHTgklaCAnaEEnIKIUBQQIIQ0lDMJJLMDCKMkAjQ4Z
MME1homiYFEkCgTDhMhLLspARRgLZOJLboElgBCkKow2bkgQCA2LSlICTQiCZFpHbGFJiBCacFA
yiGFAMEG4aOQIQg3FbolEYA3IAmBDbGCHYBCKaAGiEEgoRyDHJhkEJQlBRIGUBySGCso0JE2QLs
gnQEEaKIhEbQy5MBIoiRmGksoADJUkLEIkbQkAIIgTTooUAoGlTuIDkti0ElREJsi3cqGxjKIGk
uAARR5KhgmQEBgVZBA7RRIELGVBxX17fATiG6BLmyaJqAkS3lqIoEswgKUAGcxqaDLXP0x1e1c3
jBfLWki6E15q5BPHjFq1dcUHuzlQrLs1VwdYg+ICy7UcVpyphBmdN1tdKm3OaxdMKrUAVo/LjYZ
xGeL8G7fDFr4K0JS8Ytul23OLxtGiZ4Eph7Hvq8xdaCwW4TFPe3LgdBenvNQDDxQj/LfTESo8fb
R3+zz2/eGWLH+2Qye8mYroAns2UEsrvslP6flBcmPO/VhkIWihsSw6uaaIBW3a3mODFGfRJdMBR
hWRv4zQd9YGGQmsPgNfW0+HS5V8mB2wcJy7sL07w8PRfLbY3CMgo7yNMA5a9xhMYvFckzhpXeEv
Kw3DLVw1sRe7WJD3x0/t7GLlgDMqn6Jwo3xuA0Az3jVpx085CarqwUObgtTSF0CRTf3gJcKboen
lJ/5i60xWoZzseX3K+ReFWUgSt5Xk58PUukjk7QspUUMBbwIuPnGr8g0bRilgzWqZqHiIasARyu
enH95FOGyg8SazcmXiIS5kv1WpMmb3PPrCMI7oMXwx02hNCodaY1vhalWZXE30fB6aOLMdPhgmx
MFX8G7mUKcU1TXC85JaZh71OF19+iCMW5v1KQEGKH1x2Kv5wqOYAF8/R32dHh7trnQLUrT97N0x
oej4qUxiQbn2SqOsWNjTWQ/VK/94nMdf0P7EuCuTACg6OlANb3TxvfJGJTE90szMrpPDSuGsPcc
0ZyYioZcFMF0u1bGIXreLSAQYueZB+UjlUE9CK1bwVkZKHMkw6/rCuHfy33iwX03TteM3KcbYbU
r0jMubPPqZKGu18GqcZGjcoiXMuT8W4jYznxTyaG/3EpNsBnGDTgCaL5gKjjitNcbCQviHmlk7z
68lo9/PGiEVlYgutfEcz+uyxQYvBdH4TUIkZZZfRtstmSO+Xv8w4lqFvhUVPc616K5f0+N9SxL8
N5dyqXUN3h1xLTVQ6zYjhAglr7prhDX4/6ympjowZQDiImVrIT2uxOqmzoLLUlGMpEwWdpUMnap
AlBFfSASdkNSGzProELg6yzxYoLGruFeZPkct1RMrhMFgJYy/M6d3OEnDv/+937FTgoC0X8c388
o2FTznUqDPtk9b+OAgMqAKcXBWzHPFKa/zAMJWLAvdAccYWdGbpH4GdpR1KkFQCPmHVPkf1C83Q
/UgumocQ9JUtEVefOPxy4Ax6G0nRPXTYY6SPTGeNkTyOpZHbHV20kHiOQCwXVtv687TJWK/1GUi
I3B4niZ0nRSRNZAzlK2QRtLCh3PV9cNo/zlUw0/g0nNO0WR/UGO+wcQXmlvJqHqGO7CsAJbjz7Y
grFoO1bo50jUx1BDgXHiV2qIic2E3z0hj0yRpUKCuO6UCrbXYBJddse7pCMuVL98ir2qk2kEKcQ
9B8AiIpQToqDJ+KWunrzhZFY9zJvvOSm2SvzrmoiiAyKLIp21QGilufwZM/BmsJhH6a1BiuIHgJ
W/pMMH+UYaLo7FARLS/PdJjv4R16ZXQ0Msyb8UvHssR3bAD7kWAlBRapR7iXsame2gr6oCkjJxa
e+puc7i1gno3t9yt5Bq3znd0SDwrxlyJO6GmHO7U6CO10InxmJRbr31CsjotGl7l2aQB7ZWofGV
NxysBhAsHT212lSUK8XpwEgOEOQRjuruo5KUVUsbr8i1tm3gRca9fTI4CevsBguXY7C6njOAmND
celdwYCstgrKMfCnaz39oZpp/MfYgqQz2U5Q9BKPKWTscoC0UoBG4pS0W39+eT++yKdLswP1+Wu
wORNX+cnSCp2zKt4n7c9yypdZri1SuQekHnMioF9y+ZdlW27Aap4xM+SnzEe7A6W8hOiyoFJXax
GYdGCNqOVzMOaiS6W4ZLoJrFSSxyoqFI266N5IIPosRftKGPLwtKqq5WMttCjGN/zC3X2GX/Uj3
gp0M32X9rk3c4fXeVbjEBteagQLelqArRM0sANTWt1eTeD/fYCHGQzqV5wopIrgnlduGrlE/n95
VKPZuSW7kcyq2CpGeWX0cIX8ZERWXYLjIS32HuxyiD2zQHlldnOGaW1HFP2zg330/Fl6GWYFcOE
jmWeeTuYG1hjsSnMUS9rf49ckwErF/6mO6aqYIVVkKVFyT7kS7F4mHjVefHuAycCvh8VA21rwIn
fCTaukI+QFuAeshxLk/lE5+bACZ2X/vq1Q0UBrnBu33QPn5ptT9LEBqAgAx31CSFsS/oYs0Y43E
dR9mofc7UEDo2wjkiTWSH0/a/iZrT2taQuzJth4CciEqtSRdV7Y9agTY1kx0+zRRvvARTvcQfHx
jH27OzvBNeHxhOrZFzJHEn3w5jBRVMkARH0Xs3inOueB9e5DY7MC2FEgBMnAKzkD31lKMlVHzGz
6DB1cDfRZg5Lf/fBAB55KQK5K7saPgFuLnIo/tIxVAq47/vC86HUd73i0aWulhHniz7ZnkQ/fCc
Qc+s3/r3s2MHRzz28LWphcTl0oKvfP35hws4+vyYEUzNjClPEKAfFZMxf/hvy7KMHsGn+EzSSbS
svos5g/vc14hQQ4TKOQaV+NkisqHAYUegz9sWoUK72mMW9XtjvqApjd0sz4KQnJbDJhNUyGKZya
ddda/Yi9I+MNsm819K/hw4cfV3XgwxLErncWRlON7MCYT4G9RyaqrizhOZHysoAfvLHwlC62OTK
b2fg8y8C1Ab9Tx0B4FDGyo/0rNtsI6X/tXpNb8ddCPy0OSrMHoW36H9sPk5o2aLezKd5iDVfkxJ
bB1aKDmfixrnibDhOrMwQQFoobFd0NuhJWpDE8/VbgozoQhxt4RJCAJ3bWiJ8MmbVNeCFDUWqJw
rAnk1HtZW2CpBJZWiPerC2BK22FRpNSgaHieWGEeIao1+LsjatkSc63J3lZ56WWehYlQRJD0wdw
yhDbCv5f8j+a8DLB7ABUWoTlmqiKXPbAUIPgXtNawkK1108zjnsaUl51CJflcS9BO36CllFYrbg
jwRmComIqB6r39aW5meZYUUBdVOLpf4+WYh6aj1VjCqAjq1VQP2ongdeX+JwR4lgsrhxsXk4kMQ
jgbz24djZBwkYG2xe0MHkG4NFbgmUcNZ725EoLIHx8Up9YJWG5J/PlAMn3PFz3xuc1S3fDbs4ac
nHhmpGOPg89k92NmC7BoXM9XbN8aWCJhfiq1J4tu5Dlb6Q47uTmtnAsr3e6a2dhsEIaIIqR/CIt
yAxstEHWnmq9Hun23ldFAN679kJLpxt0tMLIDDT1GOH4twvg8qOuHDMIhecS3S1N3EwYaMfV979
PycwpmH2Y3RBZ0Cc1NFAIakxv6WgBRlNOW8pAiBFLWfYQRMUNlgdDzjQTR72vlwgC6J4Feta5Zk
9YwidcUTXSaB3he0x4WpVXVO1ZA+FLLoqRzDfU+rgezTN4V+FjE+ADP1CiwLTKWZ9OoaUEoVUyD
b/MaRKAszT5tY1rFB1HUdvRf5Ve66XeEh8H96+RyU364y27dBBWG2w0mzNQhNUag1R5JLHn45z5
hda3bzzHfciFk5j50TA0qFIVYTEY8yosVaEXSvsetujQVPPFSwmbx/pYWH0MgYOPz21GgoRA87X
94EW8oiReQ7QfsG8F+eqpmlIKBey3+w0TJB69U9IWhJ6CyhfIwCoLA8pwxHjiRLC6evWnBjqVYm
hjMeAvuhzbB7KkrM7vDUBICGWVCycsYb7NJYhw4qQzCKqsSCT+Fb/oSALT6Tray+eyNloWt/P1u
89wc5DGlzkBvu1BzzquGoC0sVqlEi+kZ0t2rqfNG8KwyQnm9PD73wB6Yg5VfAxamtqgQu4/OweI
TaWrV2a7pnctiVCm8o+3vo8Mys9oUgOKLF7I2Y3uQbAMyzUKLQ5XEk6DE0roaKk1qXnl/TRRhIY
PEAI0+pGQz3eYOZyyAnzzPmXwFaywEYcla7bxAVtxyXN8hDxyjpzB8A4UcMiii4HLSXpeHCeNv8
1vjM23G26KNz1eqTyXwuMoVtP4JMIBpkwjMpm8LkN2OTSjcsZxVoak8FNZClTzw7gS5sNXLdFkc
T3SmEUxjx9CSqXZoq3C0uZMQf4KinSDejZFlzOVVP8/Vo03AiBD2ykRx6K+pXHtYdQddfX+Fczj
59A/IZvcy74FaMFR6VMVeKMZwq5CoUsbd01RS6wSrljuLNcO1+sprIIqwbqub0DRplSdNRGG0Mk
23KUvpS4nd3lURvdPITEQflMM1kgJE0CXdT0zbvo9DWsbvGgwdBN/Ubs4D7Ug4p1GdupuFfN6Ex
kN0g6xaq4lqQOgYAWtaYzrclvM1kM4FWvJhahfhSVPsqLOdhjIKDT05X2cm8pfw5lZHzuPUVuMC
maOhHpbyc7ekqO3mAsJQN81X5VYCRDiO81Bb+DVXHgC+aDmoiVwM3ruzy/VqLHio2Kzg8q0szQL
cRtNDDCXS1hyo22w86ZvTIOKjMxLqYKFVcW4jRJe917+DDA5n3xWbiwXKbeSyMbvRfnoPBlVHZ7
DWje8aT9Z9YSWG4+l0K5gAcPqQ+wWBuIAL+S1HgOBPuOGgyS54ci6fATlQ85kgWlqgqWppckTX+
DVEcp6PW6R5hGAjuCjtPDC2JfL/adZ94s6m7+SuQ22MjF6QpkYzlwPmpnsyYsSHxO6npaGHpvx0
g/zigOVs/wLHmihRK8IAzngMkzue398NvpvEmdv6S8lGEUj9M8jImxDFlfj4jHCICtQlJIiXYjr
/Y91LViH+XI0hH2X4BVmh+ebamMgjBMCO0JdoL5U6MRtEuRz1N1v2RiEupPpYAuqtyv/p7CRWQ7
60U77buCu0UppUPTNHis7FBvssei44sxv9atlFebbIpbXg4+LqEycSm/MLBdXQ1ZJx9pMno4ttC
gmg7mR0Z9E5hcPkCBYyejXnm8CtoEmSkt8H4+PssqtYsprmBCenslKWqq62IRzPtCrb4b+snt3r
PDhrEre6f2a4lpy4okT35H9ZE5pZd3DJPRMwOfRBG06XWGsCh0pS2+Bca/68Q1FqLikogxa8DIG
MtzKRJzaTACH5wW6YqHLwdNSYj++phQosygnsBNGaYP6PkOizF4jVjkET1Khjjj3/YrEc4vQ3ME
v+4eBeN4HPLULE5S+e7i1cKOiiSTLrov1Mb0XNrAZEjYfEO/t66DwLZARqr7BVAP/qgUu1sstbz
9GkZwssJ/h5ILGALjMSkX/SAS72l7IBsWDq/ozcaJP9ZtpYJXyLYbOQKDt8xcbkDOg+idlVChzY
WABvfAT2Sks50ruL0Ttf1+bbGKezGYoUyBM6rPHrYgCTTKNbVJPfTIOZ4LFdG2qYZTMSvcMqUYG
zN7p335JGVtplKiiXBjHQbhlNFna+pd5VCJCTvYh+DwHnHw02rU8PzFrH+Yr0vcXa4tzJLfl9WN
YAFf0pJxK63OGGxC+91PVQMorz4zE4WAveIRqXYc8+waNIp/+chFXAfT43X85TfaKEbI2FjfBXk
SXKRDM4RdzHwlSsSC/gNA7Uy7phndqxrLI+18wOVXtwXT411Rk/RIBXw1HddPk7wXYi8UQ2DGMd
g3zNdDk9C4H0OvLttX+X9jynJAcoB5ioTb/Y7KNMftUVLstL0IuoJ2A/+9pZzRtkdNBmgw98Qgt
adfLnpnvQX8a00HpoOi+XIk+buA5+zXNVKWxKznF82x4k5qlccDjkgQdYFYmr2Mc1t479WBRiSr
lC/ELpnm7lCA7wLIUO+u6SFJZxcfS7IiDvehprxUd0BQEN8fvNLY5qFZq2LtzBk6RegRrtQdT8L
yO56wF9DSfPx0wZwk6eTRII3mTbbpzLGsZXKeSBPVRveRA5CXQeZDKTkYt3Tn4vcTbYgjf7xpNm
NMntB1ozG6g3SN6sCFkAr9tEbkeIbI3CToMGdO0PpCzXRWtmhY/GVmpsC+M0k9Lm4yHg2Ju+zwP
skaHGruJZaH+u3z03TbSE3Zy4Ksku80mBb/x5auJgUfS4MGkS4pfSCSkHYf/AJzDOMIqSJaTKrm
SQ4yENQNX+dAjfL95LHzYarjIOosmLOW5+gtxh/hyKxw2loeg1ZNKbP4UHTC7RpNqZaBQ9w80q9
LiBeD1lLn5ZATWDYleWtRvWX04hiFsduNwuSad7lTSdwVk8CYfAM7/3LouTMrlzv5xva+5Unune
b4QYnrSOeahi4eIolMJr9bp9vwrxoMVeD6vGskL3EEZOj1R+te7s8xtHZFqMhzI8PuvADaBZVHK
U6gNoKSL1zcY/fDK8jH/lLXRjbNAW8zuxrRQpaGaYQePfCfVFOPS5uWdX6o0F3RQbTta3o7lMiA
ytwVpyMB+ubHk+h8HhgaOpVCIXR0NIC6tbIMkFj/HlnM7qA7AqBcmjq+pGKYpxFKiAMR6H/Am2l
zDLmHZHhHXPU+mUn1+4vcm0ick/X2jlItm0d9g9zoDRScxVBE4TqoA7i/tiKrNmsPzepGLG5XRn
ia7Ob/Y2y8hKe6e0pv/4heatS6W27oLbq6HladNRwzdUHrM6cB6uqzliQwW2BFctNhQXqzmbsmq
xRNaIqbMO2YAxVTTHGD7UFMtPlbpCUkoHjn5wVaQrOORrnwokF1qE5Lm4x4fwqDUEnn1IKNHvPM
TrCGv2Vm2zFGpMIpGLOMRYTc/ybNORLjT+jNaS2pODBtnQuJzmxzoHZ9VcGwtWhVi1iGreZdADw
LjOBZn/wZ3r027FK2iNFsOmf15nKno4qH63TWLb5aPA/MS0xeOYljjxcEIn0Uz++sRS+aRSvE7C
MCtM76kWVs9muGguf+Dz/wE6ig5WAD3WdO+eJ17hkoibdCZfL/Alm3+65G8DbbOa73pZXErvFBX
YHqj3x96mwwCETADiDiHt8wxD4brEVK8qSgZoYtYLNRuhX1ZIe8J88x7NsUKGHQ8SJ6aWGnc8Vs
uBipV38rDsG+f98e/3l0j1++vguiURp1B+sOco1H3oa5dsAjfq1On1rXwnqPJ/yj3OQPlEhX8Km
JOpcTuSgfhFq4uhC4I9w7VvsVOpv+FYr7tESGpPmyYp/OU2r5ZYlwEMBsdeD6myOK45wSLX3g+x
DP1GIEQApRD0lwlvlirqPAUgdsWvI44ez9ZSHuBBW3dmPx3iFH0HJqXyUpAV3MUY3d7kTIUhq1J
i51nKzFEAG2dAq3oUDBVxfuWaGwuCl4RE6Pqyynw3jOCSOXePx9ohYUTJLfpBeeD1smsITdyQku
0bC6Iwq28NZzN8RqHZNqPtat1gMGDoCJhj4m/6cSvjsryBBrzJARf3pIEKCsMgobbkQ/j1woO5U
SYe6a4G58SoPbQX4bFMmbIxPpWhxw475HQbJMrzGnPBOxYRRhIhIYona//Y9/8qY674cDSQ+UFk
J6ZaW3oB8M0igW3QJ5mcsT/yxrjXAVAUh99AUfANjXr9Op0xO19dmRk7I8YdphiW6JgkebmG/Sy
ACCFSnJ3jHqy57hk+RWE6na078qRkdOPLdIPXyJEuy51sbqg+T/PmeBrH9BJWqExALXtoyNUV+Q
vUVBwfFU9edLqwAumk3jx2huCzw/khTwsckM+MQ7RS4AaxYr/DPZM5vS7GErRKIomHZrqH2BED4
SKT9k6Z9vjBBPAH9HnOeEIt1yXrS+kB6TKXVOf5vwQ3ch4dg3hurYkg2zkgQ76hTReuY3jWQl5X
KDEJYkhLctCniZYdr7GB/Oiaw7f/bCS5uvBmdRYVhgbABfzPZmrSCEEiHX2Do971T66JwHOhnAz
VBbIq8PM/2ffxMLYOtdFj03N/RGdoBW21JXCl9igBdi8V0E3ACQAxxFfOWsRVvO6TiSliDZYaS6
ms14EOdR9MsWP5VJjd39FzXx0rYjRPHNcuZnc+a2GlgPKLOXb0jBe2Ype86z5RqrLAedpYCr0ek
3XjwOVZk7gvKMbrAf9S4EJKSIHZUSKEnZHNlEQUlNv+RSMIIQFgIBADAHBgUrzg8DBASCEAYEgh
ACWvBF4gxCAIWyD+H4Rm38IOhAL3ihN3//g/4Av/EQfweADhSc6Ln/DGEn9fMQPxi+Hv/jL8vQB
MEAgiLsABB50XyANvZBE/8fwfGEmw+EPuvB+D/BiBz3BgsHowkN/4OF8D/fj+AINfAMAQCIH49j
///B89sIPc0IhOf+AYPE/8AiA9/3TA5/Q/f+EIPDF4vQfKD/v9/zxegAEQD9GQIx/J4AQh8D3Sg
AIAf973w9/78Ah56IYPC2f4wiEMI/lIEAOhBsHwCCH4x/AHmRBHz5A+D/nSm2QPwe77w+CAD3ue
GQH/9IDvhf+IvwgAHwgi6IQ/dCIPC9IL4BCKIf+A4LovhD4IBdKMQBED4QPj+EHfhCDv+kJ3Xeg
FsHd9IEnuA6D++eJ7ZO+B8AtgF3xN/ALYfBADwA7N8PgDAAAyb97PgG98RwAF4QRiD74v9CEwgC
GIHffP8IgkB7/eBAIIeBJ7/f83oYgZD0Yg/CP4ui+L4QEJzoxkGEIAgL3gA7F8X+7F3/y//zw+e
2YJPh+DYAhB3pQCD8Ike4QPRiKLogfB/gyC+EXhfIP4ikBv/r90Igxn54AB/+Dw+GEH+hlAH4ih
/8BCiCIASd8Afw/ALPhgL7//C73oB7AAGwg98vy8ME3wH5/5fjD7nt+JoIwD8InxEAQAvl2EAN9
F/4OjKHwiBB8HxgzkYihHzwTeAD4RB6HYgjAH4QB+HghB8Hn//9sIiBFz++hHnoRb6L/i7+QeQ+
6LhPl8EJAAJ/wNl9/4RE4DoQDADvx/CHvDfF/YicKMIvCHn3QBEMIPh+Mo/jKEAuCIDwhFH8QfB
EEHOBADhAB+IAPd7/3i+GL4we/zwPk8DgBeIL3h+0EAeaB0nP+H4fv9J8YBA774/A/o3+9EIJAi
AIAgD38u/iHrwvBD/3Q+L8oxf8T3ygEH3wACLwwlF8IBeALwufGAA/i4D3w/D7/xAD8P/jGPwv+
F4P/fIQIg7J8QflB33ycCcHgAEHYv/9839j6LoAB+P4fAGIRBBF/+j/AEwACL4H+i9v+/kKLZfe
8HXgDCDo/ACIIQBF4B/EAPnAe+MXQAB03wj50Iwi/7xPh/73/fCMoO8/3oxg9sHRgwAIPjJ/vfi
IAYhg6IQ/++AHgcGAwOD77fMmFv4f++AveC54P/hIIRPCyEpDBGHwgiAIYL7yIW/gEIAeDCAfyf
AIqRgCDw+HCL4ya8LuAC+EfgC/f4vAKARfg+T4Oi4Xg/C+cAxg2IoecEbwQfILwgC+MPvdCDedg
6QXwD+HoQax7YeaCAIegHoQR/B8mxe8Q4h+8DYQ597wgB+P3QGDrohC/4YOg8IgBiAQARAJzoAB
AIPQjKUA+86EOxCAAIs4CMJwgIMovgH/gPl2IYvC4AIdcJ8QQDH/wRjD4oiC7/YDBJ/pAA94PAh
+EAReCLwAe8IH9A/4BBh5/4id+XngaH4XgA+HpBE8EPg/8D/i98II++57wum6EHvA+PQAfD8n/g
GABPcF8JOC7/fxEH4YQ9EQQhhEAXQf7oPiAH8JBe//gvD0gpPj4L3x+53/weCMBgACDoA9GMPS/
z0H+6/74+jH74ReCUJB+8PeweCE/uj/kAuD5oHQAIbpOeAEvRl+LYhF8T3/9AAIQ998e/gEL/gj
CMgBBEAIdc3wISg+AfPCCEfxCCIXR8CL3+i/7+yDF8XBAADof96AIPDAIXxBAy0M1w8DByj4HQs
bFwD+At/F69sSF/oA6QQp+Abn+SwjHAUL48kH3+n+9fMC8UUJyPXt9BkJAeQF/vbq5BfwMPkPPf
vfAuQcw/cL2OcO/xvuHwEVB0UbFdYMC/sbFw0E+QjzCxHVGCkvHDf3HQbuCALy/BP/7ibEye4FB
tv7K/gKFf3k8czbE+bbAQAk8gr1GObF9SUR+fUS9fQH9f8A+/0S6gcg/Bfn3Qz53BIJGBQKDv7r
/ekM8OQAG9sH0iLy0vcF9wv/3v32A/EO6OEU8AXjBQDlLPPxDQ8UIPAjFR7dI9Qw5w/zEyAFH8b
rDhPy7/nuBg0DCP8e7/8F8gP1BfQhDQAWC/7/Grb34gwN8+nLAwcJ1vfxISINGg8N6NX+0QIP57
vy/SYODN3l3+gTCAb4CBEGBv3bJ8cC+ST85Os1/+TZAv7w+xQg4SsbB+zuGsodFP3/BBn0+OT88
BH7Pfv/HCjkIeQQ/yw+8QkKBe0X8v4L/foB7QghARr98hYs59cH5BT3ACX8NA7eBwAr9BcQAj81
GNPNG/jkDfQdDRoHJBAazOH/GfcPAczVxC/NzyUXBxDtBfjjHOsE6BcxCN7W0gP29w8NFeni4/v
v4OICBxL9CPT4DAYGFf7qJALq/Lv87BL0+gr5HBz9FxH5SR/x/ggL0Rrf7CIDI+YOFPQU3fLy/g
zt+BQD3uTF2y0CFRkdIz77Ch7w8ykI9AL0IRP98PwQ5CYXCvQIIAHw5+nQFO8NHg7PBxsm7Bu6C
xUjDRnu6A0RLNYCDuUc5Pgn/gkM9BTg6QztGgLh8ffrAcAj6R/t/QEf6A8fDeXiACD3COsmKjAL
APr8Hvv++wXuBer8/zbZ8BELDUII/SbsLOYSAiYPzeYP7xfr8gf7EwP/PSIK2OUABOAN4f4GCgT
s+AntIfQN7RcMFO746+AIAvTyHeQTFjDoIuz34eIo3vTi+RXw/ADf2+YW3eQb7O/uEM3z5/YE+N
zfD/Uf3yMb6wU9Cw4y+NcYCyn+A+sJAPcjKg36H/3WCAX2FewcByH2JL4A9jALH/oh/RP63QnPC
ffk7CEFDPIAxxzWCvk2Bhbw8QtG5tccFxo8IAT8D/8m/wL06/AkAewaAODdMgr5/+nrFQINzfL1
6Qbetg7eJfPlFCwB5Mr1//ci6h8IDB3h2AP4CUvs4EEoGBgP5eEG6RwD9QAl5+3vC9/7BAIDFN7
zFOD/+f82DPYZCADrDhUf5Afy5fz17hIIAAomGRAE5fEG/iUcDLD1zAgI4u7o+UYeGgMZ/Aj38A
gJ//r93ADy/dAUKBMLIDDqCQ345fvyJP2uHCb40xXKCPMi9zXvGRHg7On1KtsH+NURE97d/Svt5
gpGJleoYNB+WQQjwIlMLFUUuVAjqU50XVVX/ML2ZQDO07XrI5quGqrGG4R8rhd7nRQEsmmlU/qd
3TNKs8ezVggUoAuh8UJlkG0s8LcX87v5ktWRFFgxvbeR9EHEV2SfKyykhnQq4qLqgGwHFBDUWEd
5E9VleirLepe25AiuWIu0dPnUhqksE52awJZdgjumAXFO7Xs3gOp7mgwKr97pEoqgL4N00AuHpx
9uEv9ZP2BAWKqDgHUbA6JRMwdZzaMjxk7wvWIrDhhNpl6DLWrQn9bLWq+JwKtq8gouPQYnNW8jT
ZHBcmbOY/Q82s3B6NcgrR3RuqRfRClqeyuMG0SBdWrBe9cODrGWKV1pw4JWcJuXadRHDPJnb1Kx
Ci5Tk0QuJF3OQ2HRkcpwxXXHwBpzsA3ON9vjFG5KKyVVrrtprFfJ4u3tPTadoYYVfof8YfXjgKS
9KPuGK61rGtHhUS+u+k/dsMU1nAF1eqa1Dd2+q+Aw9wPE74rosYc6DUGCAs4hCSC2Gm6s6RfBdH
j1chWX6+Wq1Pm479fsnzqak3MTJxHgK6sI3X4XhYILzRd9ZTYa+vhuBnUYzKpOoXR69Q07XpY7m
zVXA3pux3CwHrIbGiZFDHRmhxG6nYwGwm3jEYfq/VK6bqhkVeWGMp+SqYR9WgceLZhpYJUzDJhr
6EowMKQdOdE2GwTCx5SwllpJX4yGWW6mnpcZLs7HOoHYTwPMSap2pOhbzDcBjGtYseIzY+GbVBs
4cJS4kaMlDSqbtaZoBaWlcPYaIq0wWrEzQ2Z62jowVKkEaWHFgMabv5N9hOiIhGAtsBSjRVr4nK
IDKyxXYSCJNNnnmZySLuplmmd6diyuqfxZxYbSYKvi24IFyCAR5QbuevmaoZMJtmgxoyr/QKBQk
tRU4IpuWyU0O7fUChQFKHRb3Ykhyh+lJ140RMW6ek0W67k6XmCYSkUeRCOT50LsbfjEZuRNCYKB
ItEMUzlrFqDTrZ9rQVb9coqREi7EFgq5Xpdl+LD0jZYfpnxXsahXChjJiaFwLBl6yZek4A8cKOz
6owSSMnwSYDmkZq9txrQKEoghoLjs+HeURzS6iWM3iA69aixIj9ryrfXqgziiUWK59DnSywcVnN
e56V82GU0SWVPrjo1i/KqkAsw1nZixlhKCIiKRdU2r2gGdlxpJIJVYrnWmIKokcaV2s26caIzaH
wVfGKMnDl0YHpYTCoJxakvb5Whc2nMkR0gFAetgqYgBllGSIq+iZibhUfNE5TiDUdu1Dy0eLRZC
JXtdenKKBuLqKDQa3QsG2ejACLFZ2SYs/JmkRPo2CuRATGcRCCsACxJMUYMnL1edqvv6oo2b2iz
VF6+cah6wAwEl/KIN7HRw3b1pNgdXZ6kLmkW741yrP4CFMsBm10CC3iVwadtqjhYjslprLojsgz
bkTZV3NmFbwyLTraKy2xOVYq7gyuWFnQysFjlLEiq6hc1AqwQM359oIFhkS3guqtxb8lWhlmAUU
b6mLZzIWYkZ2lqgAm20kWc6eiJc5ccYq5B98ih3RaZv3k9qXEFoW7SI2eNW8458abUBGJBnbfsT
S9mtRFyvmapGLJnkamGNW3cGSLq5eqrpCkakqE2WlSeZu7e/2pGanHgL8SLAZuI6UYkVSmz46GG
Q26SHioBjwqIURGHX5ZPGq4LuxAlb4AV+DP/A7QBlas429ORQ/puG2hbnIbqGeiQbD8TitkT7Zm
CMGbX2EzBSGQ6FuJ82stA8rLQeVvzFPV3RYRPU60ZZ4iT1w9QDiLaVBasdjHNGTPmoYQ4gGqJYR
ooGLc6CFjSPqibqOUc+3aQN7JF02uxnHCoklWKLaaCtKjDZCTgkZIBA6dOvhH3KcCApwQC59In6
GA60/l4RnK30lHnna13o+xrJqJcSW9q/cvtmE4b/tDKSJ7Ovk2FaiAf+2sW4NHJrCi7fYLgEOBX
oyma08YpTxjKvEq579UfHu5z/c63N7lze+lHE3WuDqf9YHxZzTV78obKMWgOV5BJlCOh6Oa3AK8
DaN13KosVPlnt06Ab+IKZLFNdGMEYLvTHF+PmFB5yyt8rYJ3RGLKmGJhDOjTrRAnekVVhJHwLPX
xhYhHMD7w2NXm0bSkBLjZ7xnBWNHt4uKlZWz1xlK37YB9kIFCBpG0bg1QsjYXmFfZF/RIinYpXV
BE8Fb5FCwodQ6cAZKZvfeEYy9vRUjhzMy2AG2ogziogkFgOZf0WG2EpNAlcIgLYcYqQtRg0Gv2W
ETMAdGmtKd0ewp8HAKnRzIGdGvwjaFu1YJUiTCmje4mjqa1BTJWVq3BuIqN5s462dSY69t/OxDt
6eeHxVUlzdexw8Q9UIeWraqDTQml9Poc/7mipgOSx0KLHPNhYVGUSXAeQ6NHoh30KwMIIG/gIBA
DANBgkqhkiG9w0BAQEFAASCBugwggbkAgEAAoIBgQCc8x0qq2jSuQhAVnTBLJpeYHeUa/x4tZlL
UhbTziOADVcmHwJaupEXAzViCqoQ0Nk44ZmR9sdDPatz/Pil55Ssrv6NAEtGHV5HWkdU0AxAtcU
D5YXQbNCNEDVyAtVKlbYBokr+jS7Ed7In3+5fts5tenP0oCaAD+gi8zbrNffFXowZMzCZByQaz2
JkvQZjS79tx6YxEHWeTdnmIUpg+ueluRGRw2+hSAFBdPIZXLKDbSR9WrTsS/kEBmrcKZEbEIyPn
yq4iHvivtpi0rgqGjprGvFo2GTvoJ76GOdZEutkU0et+CEbtmexUmySf399o8EufEf293W37Dgg
P6aA6ipIf9knBIekPjueWaxOY6AU3aG++htyVL0rlgcxwLKFEqXIM6WvTePG1mkcVNsQSkFr2Z5
+Bn/+vYVBJYx1EDTqNj0/fZY1MasYDuWXImx83iCbmBIGzZ7BCAgFL9rc8riKAw5IRVQWXCEX3g
8x4UbQb9L0gq1MnqxVsn5g5MjpG8MCAwEAAQKCAYAMQF7Wr0CxSk5Rlce3y8wh19sdxxXGZztkv
Miy/SFnF1ayz0x3Jp8fmIy41YCta8NSt5GUULSaeoLniY5WhqHj0b+YsOnI7fWN3lQF7XBqnYXL
WXkjnVexdNvaXxkLoToiHVGuiZJmaO2LduVI3wbbVunpGGNI/EGwdyNvVh9V1QNcqDlMu/KRwTF
UdpW8EVqlFPOgWtrDlVIprtzIGAd8t6cE2Nuq6RybLnTQWml47UxVS+WMy7VphTkfbIM7BWr3Zn
E9+BQRok5EmmM2mFEp91iSUXAlRtN7+5MQYhxpXiR3fm+FlTyR9WcnGtYADxZUM2H/+9FLV/vM2
4qXLqDMoVt4D3mf3oMH6FE6y/IN/IqC3NxH1SVYlU7mgsYkSh7XzO0i1rH9oEW4+mc61raj9Cta
KrHkzjKhS02fd9o2oOTX6z+A31+F3h6LukwDAhl4ZsMdHtwF5bzMeRSPhnb3G+Tqo3WXrUfhl94
oWkTumn+5Uyb4y2ucXlEIjJVwSMECgcEAytJyAIePKdkuTi66UOl3v+cil3iQfeOPR/XhclI0if
kpqkt+K7HC5tQR1eckfcoiRg7uvOPSGCm1x8EYNqf6cFreofNvhcCY74hyeyuubKeIwcqS11uoX
4vrq0zeVkMznpXhPQaxDr/MPmBF1F/cO+iXEESZ+UQ7C8ou1XSGk2GhIDMMgEJ4xHi+40TJXs5+
rmEuDx2sZuq61OKJ/is7YZRFB+EczXexLKAou+w3vn0rIwivQY2VoP6c09IeNbOhAoHBAMYZrr1
xKjUCnu81BQ4gm/Z9F1L67ISve2x8mqzvxeveYk79s8KsSyhfNpyW5iYY2mwenSoNfX6mFCIaR/
npZR12po9eNpY9/47fqS5Ds3guoGjve+FZcPx3bEpelCrLPvHKwefz/QdrlcTHSQ84xo3Em3afU
S8sZSA7n7L4YgrkkcDKAFka7sTgmgE8srwnunYx9fApltvu1B5sY8P0u0Kce3spL5yTywo60faC
6Tcll0iUlt8KgMYAH55i4hpU4wKBwQCT/Se3oTHhvBkgbNH/tcptmK3RzePIJ2FlhVBBhR/WyJo
RKtJd+W+X04dMB0LGEdYePkkOREEI5m4/2XHcd4axsmwdyS1Hb7dnl6zImJ/FohyUIkYwoy1gwg
xsSkM0uAYTIZNeXuKUO3hAzyhEhMmCYPzQnu2mRpW6zYSMtWB4a1UQ1I67i0TpPp0x4P/5kDw46
qmb1+/yjDVUnhNIBK1oTrJrxGKqvTnmsNnn/LzT3iq6fly6PR+/f+hYWkk2r+ECgcAvl8H8b3Cl
dbC7ZXCGeV0e9eShofkq04ICiVkbzSsuxKm3son6bixMUbusGTDH3Fa1fRFjJgSNZdcWblv2dZU
+Y+AWN5tDszdvmtppbAh1Cjatn0OS20sizIouv9Q3B8dijcTSNjMHEljUAtDRoGFLc/2pnRMDE1
ZkTQ7MD5J2bX165Mz6m1bb4938CBokzCKm/M/KWCOPSSya9o1taaGHmlKsPzPaGUPBfGovIDppb
lWPMWuhwEM5zpPKGJWbn+MCgcEAvXFLGhtsMAJX2PKXSjEnq7NsSNGtI0IJgp/pqu2fbDZf3eYa
okTjcE+SB/TEurfpeM/XGnlxGOz0AnqjrYFy4Ha9borActrMODELIziGVbkGoQCsYCZZqGLbXI9
2pwdQqyJ9WCTRA+4nUvdPWKu0PxyCvbQ51s4/0V+ffpCwjc9WMg0SAkn1C1sWu7yWWRR6bdgEBA
J2yh97mTCfBQXHBeZ3hczweJYx90n1T94G/6ixkCd9ZllX+Oz6a2lBHZ7c
-----END PRIVATE KEY-----

Appendix C. ASN.1 Module 

<CODE STARTS>

Composite-Keys-2022

DEFINITIONS IMPLICIT TAGS ::= BEGIN

EXPORTS ALL;

IMPORTS
  PUBLIC-KEY, SIGNATURE-ALGORITHM, ParamOptions, AlgorithmIdentifier{}
    FROM AlgorithmInformation-2009  -- RFC 5912 [X509ASN1]
      { iso(1) identified-organization(3) dod(6) internet(1)
        security(5) mechanisms(5) pkix(7) id-mod(0)
        id-mod-algorithmInformation-02(58) }

  SubjectPublicKeyInfo
    FROM PKIX1Explicit-2009
      { iso(1) identified-organization(3) dod(6) internet(1)
        security(5) mechanisms(5) pkix(7) id-mod(0)
        id-mod-pkix1-explicit-02(51) }

  OneAsymmetricKey
    FROM AsymmetricKeyPackageModuleV1
      { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1)
        pkcs-9(9) smime(16) modules(0)
        id-mod-asymmetricKeyPkgV1(50) } ;

--
-- Object Identifiers
--

der OBJECT IDENTIFIER ::=
  {joint-iso-itu-t asn1(1) ber-derived(2) distinguished-encoding(1)}

-- To be replaced by IANA
id-composite-key OBJECT IDENTIFIER ::= {
    joint-iso-itu-t(2) country(16) us(840) organization(1) entrust(114027)
    Algorithm(80) Composite(4) CompositeKey(1)



--  COMPOSITE-KEY-ALGORITHM
--
--  Describes the basic properties of a composite key algorithm
--
--  &id - contains the OID identifying the composite algorithm
--  &Params - if present, contains the type for the algorithm
--               parameters; if absent, implies no parameters
--  &paramPresence - parameter presence requirement
--
-- }

COMPOSITE-KEY-ALGORITHM ::= CLASS {
    &id             OBJECT IDENTIFIER UNIQUE,
    &Params         OPTIONAL,
    &paramPresence  ParamOptions DEFAULT absent
} WITH SYNTAX {
    IDENTIFIER &id
    [PARAMS [TYPE &Params] ARE &paramPresence ]
}


CompositeAlgorithmIdentifier ::= AlgorithmIdentifier{COMPOSITE-KEY-ALGORITHM, {CompositeAlgorithmSet}}

CompositeAlgorithmSet COMPOSITE-KEY-ALGORITHM ::= {
  CompositeAlgorithms, ...
}

--
-- Public Key
--

pk-Composite PUBLIC-KEY ::= {
    IDENTIFIER id-composite-key
    KEY CompositePublicKey
    PARAMS TYPE CompositeAlgorithmIdentifier ARE optional
    PRIVATE-KEY CompositePrivateKey
}

CompositePublicKey ::= SEQUENCE SIZE (2..MAX) OF SubjectPublicKeyInfo

CompositePublicKeyOs ::= OCTET STRING (CONTAINING CompositePublicKey ENCODED BY der)

CompositePublicKeyBs ::= BIT STRING (CONTAINING CompositePublicKey ENCODED BY der)

CompositePrivateKey ::= SEQUENCE SIZE (2..MAX) OF OneAsymmetricKey


-- pk-explicitComposite - Composite public key information object

pk-explicitComposite{OBJECT IDENTIFIER:id, PUBLIC-KEY:firstPublicKey,
  FirstPublicKeyType, PUBLIC-KEY:secondPublicKey, SecondPublicKeyType}
  PUBLIC-KEY ::= {
    IDENTIFIER id
    KEY ExplicitCompositePublicKey{firstPublicKey, FirstPublicKeyType,
      secondPublicKey, SecondPublicKeyType}
    PARAMS ARE absent
}

-- The following ASN.1 object class then automatically generates the
-- public key structure from the types defined in pk-explicitComposite.

-- ExplicitCompositePublicKey - The data structure for a composite
-- public key sec-composite-pub-keys and SecondPublicKeyType are needed
-- because PUBLIC-KEY contains a set of public key types, not a single
-- type.
-- TODO The parameters should be optional only if they are marked
-- optional in the PUBLIC-KEY


ExplicitCompositePublicKey{PUBLIC-KEY:firstPublicKey, FirstPublicKeyType,
  PUBLIC-KEY:secondPublicKey, SecondPublicKeyType} ::= SEQUENCE {
    firstPublicKey SEQUENCE {
        params firstPublicKey.&Params OPTIONAL,
        publicKey FirstPublicKeyType
    },
    secondPublicKey SEQUENCE {
        params secondPublicKey.&Params OPTIONAL,
        publicKey SecondPublicKeyType
    }
}

END

<CODE ENDS>

Appendix D. Intellectual Property Considerations

The following IPR Disclosure relates to this draft:

https://datatracker.ietf.org/ipr/3588/

Appendix E. Contributors and Acknowledgements

This document incorporates contributions and comments from a large group of experts. The Editors would especially like to acknowledge the expertise and tireless dedication of the following people, who attended many long meetings and generated millions of bytes of electronic mail and VOIP traffic over the past year in pursuit of this document:

John Gray (Entrust), Serge Mister (Entrust), Scott Fluhrer (Cisco Systems), Panos Kampanakis (Cisco Systems), Daniel Van Geest (ISARA), Tim Hollebeek (Digicert), Klaus-Dieter Wirth (D-Trust), and Francois Rousseau.

We are grateful to all, including any contributors who may have been inadvertently omitted from this list.

This document borrows text from similar documents, including those referenced below. Thanks go to the authors of those documents. "Copying always makes things easier and less error prone" - [RFC8411].

E.1. Making contributions

Additional contributions to this draft are welcome. Please see the working copy of this draft at, as well as open issues at:

https://github.com/EntrustCorporation/draft-ounsworth-pq-composite-keys

Authors' Addresses

Mike Ounsworth
Entrust Limited
2500 Solandt Road -- Suite 100
Ottawa, Ontario K2K 3G5
Canada
Massimiliano Pala
CableLabs
Jan Klaussner
D-Trust GmbH
Kommandantenstr. 15
10969 Berlin
Germany