From d7d7b2c8a51a5e48019034f0c1533005fd398e45 Mon Sep 17 00:00:00 2001 From: yuhh0328 Date: Wed, 10 Jan 2024 06:02:25 +0000 Subject: [PATCH 1/7] Updates : add tls-kyber --- .../jsse/provider/NamedGroupInfo.java | 6 +- .../java/org/bouncycastle/tls/NamedGroup.java | 36 +++++++- .../org/bouncycastle/tls/NamedGroupRole.java | 1 + .../bouncycastle/tls/TlsServerProtocol.java | 9 +- .../java/org/bouncycastle/tls/TlsUtils.java | 3 + .../bouncycastle/tls/crypto/TlsCrypto.java | 15 ++++ .../bouncycastle/tls/crypto/TlsPQCConfig.java | 59 ++++++++++++ .../bouncycastle/tls/crypto/TlsPQCDomain.java | 6 ++ .../tls/crypto/TlsPQCKemMode.java | 7 ++ .../tls/crypto/impl/bc/BcTlsCrypto.java | 12 +++ .../tls/crypto/impl/bc/BcTlsKyber.java | 66 ++++++++++++++ .../tls/crypto/impl/bc/BcTlsKyberDomain.java | 90 +++++++++++++++++++ .../tls/crypto/impl/jcajce/JcaTlsCrypto.java | 30 +++++++ .../tls/crypto/impl/jcajce/JceTlsKyber.java | 65 ++++++++++++++ .../crypto/impl/jcajce/JceTlsKyberDomain.java | 90 +++++++++++++++++++ 15 files changed, 491 insertions(+), 4 deletions(-) create mode 100644 tls/src/main/java/org/bouncycastle/tls/crypto/TlsPQCConfig.java create mode 100644 tls/src/main/java/org/bouncycastle/tls/crypto/TlsPQCDomain.java create mode 100644 tls/src/main/java/org/bouncycastle/tls/crypto/TlsPQCKemMode.java create mode 100644 tls/src/main/java/org/bouncycastle/tls/crypto/impl/bc/BcTlsKyber.java create mode 100644 tls/src/main/java/org/bouncycastle/tls/crypto/impl/bc/BcTlsKyberDomain.java create mode 100644 tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JceTlsKyber.java create mode 100644 tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JceTlsKyberDomain.java diff --git a/tls/src/main/java/org/bouncycastle/jsse/provider/NamedGroupInfo.java b/tls/src/main/java/org/bouncycastle/jsse/provider/NamedGroupInfo.java index 15cca607d5..b41df8237f 100644 --- a/tls/src/main/java/org/bouncycastle/jsse/provider/NamedGroupInfo.java 
+++ b/tls/src/main/java/org/bouncycastle/jsse/provider/NamedGroupInfo.java @@ -73,7 +73,11 @@ private enum All ffdhe3072(NamedGroup.ffdhe3072, "DiffieHellman"), ffdhe4096(NamedGroup.ffdhe4096, "DiffieHellman"), ffdhe6144(NamedGroup.ffdhe6144, "DiffieHellman"), - ffdhe8192(NamedGroup.ffdhe8192, "DiffieHellman"); + ffdhe8192(NamedGroup.ffdhe8192, "DiffieHellman"), + + kyber512(NamedGroup.kyber512, "PQC"), + kyber768(NamedGroup.kyber768, "PQC"), + kyber1024(NamedGroup.kyber1024, "PQC"); private final int namedGroup; private final String name; diff --git a/tls/src/main/java/org/bouncycastle/tls/NamedGroup.java b/tls/src/main/java/org/bouncycastle/tls/NamedGroup.java index 18721f2e1b..2af39b3985 100644 --- a/tls/src/main/java/org/bouncycastle/tls/NamedGroup.java +++ b/tls/src/main/java/org/bouncycastle/tls/NamedGroup.java @@ -102,6 +102,10 @@ public class NamedGroup public static final int arbitrary_explicit_prime_curves = 0xFF01; public static final int arbitrary_explicit_char2_curves = 0xFF02; + public static final int kyber512 = 0x023A; + public static final int kyber768 = 0x023C; + public static final int kyber1024 = 0x023D; + /* Names of the actual underlying elliptic curves (not necessarily matching the NamedGroup names). */ private static final String[] CURVE_NAMES = new String[] { "sect163k1", "sect163r1", "sect163r2", "sect193r1", "sect193r2", "sect233k1", "sect233r1", "sect239k1", "sect283k1", "sect283r1", "sect409k1", "sect409r1", @@ -130,7 +134,8 @@ public static boolean canBeNegotiated(int namedGroup, ProtocolVersion version) else { if ((namedGroup >= brainpoolP256r1tls13 && namedGroup <= brainpoolP512r1tls13) - || (namedGroup == curveSM2)) + || (namedGroup == curveSM2) + || (namedGroup == kyber512 || namedGroup == kyber768 || namedGroup == kyber1024)) { return false; } 
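Review bot: The second constructor argument of the new `kyber512`/`kyber768`/`kyber1024` entries is `"PQC"`, while every neighbouring entry passes a JCA algorithm name (`"DiffieHellman"` in the visible context); if that field is used for provider lookups, as its siblings suggest, `"PQC"` will never resolve. Either pass a name the provider actually registers or document that the field is informational for KEM entries, e.g. `// KEM groups: not a JCA algorithm name; support is decided by TlsCrypto`. The enum `All` continues outside the hunk.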
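Review bot: The three new constants `kyber512 = 0x023A`, `kyber768 = 0x023C` and `kyber1024 = 0x023D` are added without any note on their provenance, unlike the surrounding IANA-assigned values; they do not appear to be IANA-registered supported_groups code points, so a reader cannot tell whether they are provisional or may change. Add a source comment, e.g. `/* Provisional (non-IANA) code points; TODO confirm status before release */`, so the values are not mistaken for stable identifiers. The @@ -130 hunk in the same file correctly refuses them for pre-TLS 1.3 negotiation.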
@@ -260,6 +265,21 @@ public static String getFiniteFieldName(int namedGroup) return null; } + public static String getPQCName(int namedGroup) + { + switch (namedGroup) + { + case kyber512: + return "kyber512"; + case kyber768: + return "kyber768"; + case kyber1024: + return "kyber1024"; + default: + return null; + } + } + public static int getMaximumChar2CurveBits() { return 571; @@ -344,6 +364,12 @@ public static String getStandardName(int namedGroup) return finiteFieldName; } + String pqcName = getPQCName(namedGroup); + if (null != pqcName) + { + return pqcName; + } + return null; } @@ -412,9 +438,15 @@ public static boolean refersToASpecificFiniteField(int namedGroup) return namedGroup >= ffdhe2048 && namedGroup <= ffdhe8192; } + public static boolean refersToASpecificPQC(int namedGroup) + { + return namedGroup == kyber512 || namedGroup == kyber768 || namedGroup == kyber1024; + } + public static boolean refersToASpecificGroup(int namedGroup) { return refersToASpecificCurve(namedGroup) - || refersToASpecificFiniteField(namedGroup); + || refersToASpecificFiniteField(namedGroup) + || refersToASpecificPQC(namedGroup); } } diff --git a/tls/src/main/java/org/bouncycastle/tls/NamedGroupRole.java b/tls/src/main/java/org/bouncycastle/tls/NamedGroupRole.java index 724cfcc167..8370a9474f 100644 --- a/tls/src/main/java/org/bouncycastle/tls/NamedGroupRole.java +++ b/tls/src/main/java/org/bouncycastle/tls/NamedGroupRole.java @@ -9,4 +9,5 @@ public class NamedGroupRole public static final int dh = 1; public static final int ecdh = 2; public static final int ecdsa = 3; + public static final int pqc = 4; } diff --git a/tls/src/main/java/org/bouncycastle/tls/TlsServerProtocol.java b/tls/src/main/java/org/bouncycastle/tls/TlsServerProtocol.java index a788067b64..30f4f0c1b3 100644 --- a/tls/src/main/java/org/bouncycastle/tls/TlsServerProtocol.java +++ b/tls/src/main/java/org/bouncycastle/tls/TlsServerProtocol.java 
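Review bot: In `getStandardName` (@@ -344 hunk) the added lines test `pqcName` for null only to return it and then fall through to `return null`, which yields the same value; `return getPQCName(namedGroup);` expresses the intent in one line. The `refersToASpecificPQC` predicate in the @@ -412 hunk duplicates the three-way comparison already written into `canBeNegotiated` in the earlier hunk; routing that check through the new predicate keeps the two in step when a group is added.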
@@ -12,6 +12,8 @@ import org.bouncycastle.tls.crypto.TlsCrypto; import org.bouncycastle.tls.crypto.TlsDHConfig; import org.bouncycastle.tls.crypto.TlsECConfig; +import org.bouncycastle.tls.crypto.TlsPQCConfig; +import org.bouncycastle.tls.crypto.TlsPQCKemMode; import org.bouncycastle.tls.crypto.TlsSecret; import org.bouncycastle.util.Arrays; @@ -405,16 +407,21 @@ else if (NamedGroup.refersToASpecificFiniteField(namedGroup)) { agreement = crypto.createDHDomain(new TlsDHConfig(namedGroup, true)).createDH(); } + else if (NamedGroup.refersToASpecificPQC(namedGroup)) + { + agreement = crypto.createPQCDomain(new TlsPQCConfig(namedGroup, TlsPQCKemMode.PQC_KEM_SERVER)).createPQC(); + } else { throw new TlsFatalAlert(AlertDescription.internal_error); } + agreement.receivePeerValue(clientShare.getKeyExchange()); + byte[] key_exchange = agreement.generateEphemeral(); KeyShareEntry serverShare = new KeyShareEntry(namedGroup, key_exchange); TlsExtensionsUtils.addKeyShareServerHello(serverHelloExtensions, serverShare); - agreement.receivePeerValue(clientShare.getKeyExchange()); sharedSecret = agreement.calculateSecret(); } diff --git a/tls/src/main/java/org/bouncycastle/tls/TlsUtils.java b/tls/src/main/java/org/bouncycastle/tls/TlsUtils.java index 5a02e05e65..816963a798 100644 --- a/tls/src/main/java/org/bouncycastle/tls/TlsUtils.java +++ b/tls/src/main/java/org/bouncycastle/tls/TlsUtils.java @@ -40,6 +40,8 @@ import org.bouncycastle.tls.crypto.TlsEncryptor; import org.bouncycastle.tls.crypto.TlsHash; import org.bouncycastle.tls.crypto.TlsHashOutputStream; +import org.bouncycastle.tls.crypto.TlsPQCConfig; +import org.bouncycastle.tls.crypto.TlsPQCKemMode; import org.bouncycastle.tls.crypto.TlsSecret; import org.bouncycastle.tls.crypto.TlsStreamSigner; import org.bouncycastle.tls.crypto.TlsStreamVerifier; 
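Review bot: Moving `agreement.receivePeerValue(...)` ahead of `agreement.generateEphemeral()` changes the TlsAgreement calling order for every key-share type, and for the new KEM branch it is load-bearing: in server mode `generateEphemeral()` returns the ciphertext produced inside `receivePeerValue`, so the old order would have returned nothing usable. Nothing at the call site records that, so a later refactor could restore the old order; add `// KEM: the server's "ephemeral" is the encapsulation of the client's share, so the client value must be received first` above the moved call. The enclosing method begins and ends outside the hunk.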
@@ -4022,6 +4024,7 @@ public static Vector getNamedGroupRoles(Vector keyExchangeAlgorithms) // TODO[tls13] We're conservatively adding both here, though maybe only one is needed addToSet(result, NamedGroupRole.dh); addToSet(result, NamedGroupRole.ecdh); + addToSet(result, NamedGroupRole.pqc); break; } } diff --git a/tls/src/main/java/org/bouncycastle/tls/crypto/TlsCrypto.java b/tls/src/main/java/org/bouncycastle/tls/crypto/TlsCrypto.java index 2534d6aaee..ddc80787d2 100644 --- a/tls/src/main/java/org/bouncycastle/tls/crypto/TlsCrypto.java +++ b/tls/src/main/java/org/bouncycastle/tls/crypto/TlsCrypto.java @@ -69,6 +69,13 @@ public interface TlsCrypto */ boolean hasECDHAgreement(); + /** + * Return true if this TlsCrypto can support PQC key agreement. + * + * @return true if this instance can support PQC key agreement, false otherwise. + */ + boolean hasPQCAgreement(); + /** * Return true if this TlsCrypto can support the passed in block/stream encryption algorithm. * @@ -213,6 +220,14 @@ TlsCipher createCipher(TlsCryptoParameters cryptoParams, int encryptionAlgorithm */ TlsECDomain createECDomain(TlsECConfig ecConfig); + /** + * Create a domain object supporting the domain parameters described in pqcConfig. + * + * @param pqcConfig the config describing the PQC parameters to use. + * @return a TlsPQCDomain supporting the parameters in pqcConfig. + */ + TlsPQCDomain createPQCDomain(TlsPQCConfig pqcConfig); + /** * Adopt the passed in secret, creating a new copy of it. * diff --git a/tls/src/main/java/org/bouncycastle/tls/crypto/TlsPQCConfig.java b/tls/src/main/java/org/bouncycastle/tls/crypto/TlsPQCConfig.java new file mode 100644 index 0000000000..1eab888a7a --- /dev/null +++ b/tls/src/main/java/org/bouncycastle/tls/crypto/TlsPQCConfig.java 
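Review bot: `hasPQCAgreement()` and `createPQCDomain(TlsPQCConfig)` are added as abstract methods to the public `TlsCrypto` interface, so every third-party implementation stops compiling (and fails at link time) once this ships, and the hunk does not mention the break. If the codebase has a shared abstract base for implementations, giving it a conservative `hasPQCAgreement()` returning false and a `createPQCDomain` that throws `UnsupportedOperationException` would keep existing implementors working; otherwise the break should at least be recorded in the Javadoc and release notes. The @@ -213 hunk's Javadoc should also state which groups a caller may pass — downstream only the three Kyber groups are handled.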
@@ -0,0 +1,59 @@ +package org.bouncycastle.tls.crypto; + +import org.bouncycastle.tls.NamedGroup; + +public class TlsPQCConfig +{ + protected final int namedGroup; + protected final TlsPQCKemMode mode; + protected final int pqcNamedGroup; + + public TlsPQCConfig(int namedGroup) + { + this(namedGroup, TlsPQCKemMode.PQC_KEM_SERVER); + } + + public TlsPQCConfig(int namedGroup, TlsPQCKemMode mode) + { + this.namedGroup = namedGroup; + this.mode = mode; + this.pqcNamedGroup = getPQCNamedGroup(namedGroup); + } + + public int getNamedGroup() + { + return namedGroup; + } + + public TlsPQCKemMode getTlsPQCKemMode() + { + return mode; + } + + public int getPQCNamedGroup() + { + return pqcNamedGroup; + } + + private int getPQCNamedGroup(int namedGroup) + { + return namedGroup; + // switch (namedGroup) + // { + // case NamedGroup.kyber512: + // case NamedGroup.secp256Kyber512: + // case NamedGroup.x25519Kyber512: + // return NamedGroup.kyber512; + // case NamedGroup.kyber768: + // case NamedGroup.secp384Kyber768: + // case NamedGroup.x25519Kyber768: + // case NamedGroup.x448Kyber768: + // return NamedGroup.kyber768; + // case NamedGroup.kyber1024: + // case NamedGroup.secp521Kyber1024: + // return NamedGroup.kyber1024; + // default: + // return namedGroup; + // } + } +} diff --git a/tls/src/main/java/org/bouncycastle/tls/crypto/TlsPQCDomain.java b/tls/src/main/java/org/bouncycastle/tls/crypto/TlsPQCDomain.java new file mode 100644 index 0000000000..ecb985d5f8 --- /dev/null +++ b/tls/src/main/java/org/bouncycastle/tls/crypto/TlsPQCDomain.java @@ -0,0 +1,6 @@ +package org.bouncycastle.tls.crypto; + +public interface TlsPQCDomain +{ + TlsAgreement createPQC(); +} diff --git a/tls/src/main/java/org/bouncycastle/tls/crypto/TlsPQCKemMode.java b/tls/src/main/java/org/bouncycastle/tls/crypto/TlsPQCKemMode.java new file mode 100644 index 0000000000..8b53a9564b --- /dev/null +++ b/tls/src/main/java/org/bouncycastle/tls/crypto/TlsPQCKemMode.java 
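Review bot: `getPQCNamedGroup(int)` is an identity function followed by roughly fifteen lines of commented-out code that reference `NamedGroup` constants this patch does not define (`secp256Kyber512`, `x25519Kyber768`, ...); commented-out code that cannot compile should be dropped and the hybrid plan tracked elsewhere, and with it the then-unused `import org.bouncycastle.tls.NamedGroup`. The private helper also shares its name with the public getter `getPQCNamedGroup()`, which reads as an overload rather than a mapping step. The one-argument constructor silently selects `TlsPQCKemMode.PQC_KEM_SERVER`, which matters because the two modes drive opposite behaviour in the agreement; document it: `/** Server-side config; clients must use the two-argument constructor with PQC_KEM_CLIENT. */`.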
@@ -0,0 +1,7 @@ +package org.bouncycastle.tls.crypto; + +public enum TlsPQCKemMode +{ + PQC_KEM_CLIENT, + PQC_KEM_SERVER, +} diff --git a/tls/src/main/java/org/bouncycastle/tls/crypto/impl/bc/BcTlsCrypto.java b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/bc/BcTlsCrypto.java index 56b4c1fc83..9f12a7a757 100644 --- a/tls/src/main/java/org/bouncycastle/tls/crypto/impl/bc/BcTlsCrypto.java +++ b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/bc/BcTlsCrypto.java @@ -54,6 +54,8 @@ import org.bouncycastle.tls.crypto.TlsECDomain; import org.bouncycastle.tls.crypto.TlsHMAC; import org.bouncycastle.tls.crypto.TlsHash; +import org.bouncycastle.tls.crypto.TlsPQCConfig; +import org.bouncycastle.tls.crypto.TlsPQCDomain; import org.bouncycastle.tls.crypto.TlsNonceGenerator; import org.bouncycastle.tls.crypto.TlsSRP6Client; import org.bouncycastle.tls.crypto.TlsSRP6Server; @@ -211,6 +213,11 @@ public TlsECDomain createECDomain(TlsECConfig ecConfig) } } + public TlsPQCDomain createPQCDomain(TlsPQCConfig pqcConfig) + { + return new BcTlsKyberDomain(this, pqcConfig); + } + public TlsNonceGenerator createNonceGenerator(byte[] additionalSeedMaterial) { int cryptoHashAlgorithm = CryptoHashAlgorithm.sha256; @@ -304,6 +311,11 @@ public boolean hasECDHAgreement() return true; } + public boolean hasPQCAgreement() + { + return true; + } + public boolean hasEncryptionAlgorithm(int encryptionAlgorithm) { switch (encryptionAlgorithm) diff --git a/tls/src/main/java/org/bouncycastle/tls/crypto/impl/bc/BcTlsKyber.java b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/bc/BcTlsKyber.java new file mode 100644 index 0000000000..d5d363b248 --- /dev/null +++ b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/bc/BcTlsKyber.java 
@@ -0,0 +1,66 @@ +package org.bouncycastle.tls.crypto.impl.bc; + +import java.io.IOException; +import org.bouncycastle.crypto.AsymmetricCipherKeyPair; +import org.bouncycastle.crypto.SecretWithEncapsulation; +import org.bouncycastle.pqc.crypto.crystals.kyber.KyberPrivateKeyParameters; +import org.bouncycastle.pqc.crypto.crystals.kyber.KyberPublicKeyParameters; +import org.bouncycastle.tls.crypto.TlsAgreement; +import org.bouncycastle.tls.crypto.TlsPQCKemMode; +import org.bouncycastle.tls.crypto.TlsSecret; +import org.bouncycastle.util.Arrays; + +public class BcTlsKyber implements TlsAgreement +{ + protected final BcTlsKyberDomain domain; + + protected AsymmetricCipherKeyPair localKeyPair; + protected KyberPublicKeyParameters peerPublicKey; + protected byte[] ciphertext; + protected byte[] secret; + + public BcTlsKyber(BcTlsKyberDomain domain) + { + this.domain = domain; + } + + public byte[] generateEphemeral() throws IOException + { + if (TlsPQCKemMode.PQC_KEM_CLIENT.equals(domain.getTlsPQCConfig().getTlsPQCKemMode())) + { + this.localKeyPair = domain.generateKeyPair(); + return domain.encodePublicKey((KyberPublicKeyParameters)localKeyPair.getPublic()); + } + else + { + return Arrays.clone(ciphertext); + } + } + + public void receivePeerValue(byte[] peerValue) throws IOException + { + if (TlsPQCKemMode.PQC_KEM_CLIENT.equals(domain.getTlsPQCConfig().getTlsPQCKemMode())) + { + this.ciphertext = Arrays.clone(peerValue); + } + else + { + this.peerPublicKey = domain.decodePublicKey(peerValue); + SecretWithEncapsulation encap = domain.enCap(peerPublicKey); + ciphertext = encap.getEncapsulation(); + secret = encap.getSecret(); + } + } + + public TlsSecret calculateSecret() throws IOException + { + if (TlsPQCKemMode.PQC_KEM_CLIENT.equals(domain.getTlsPQCConfig().getTlsPQCKemMode())) + { + return domain.adoptLocalSecret(domain.deCap((KyberPrivateKeyParameters)localKeyPair.getPrivate(), ciphertext)); + } + else + { + return domain.adoptLocalSecret(secret); + } + } +} 
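Review bot: `receivePeerValue` accepts whatever bytes the peer sent without validation: in client mode the ciphertext is cloned and kept with no length check, and in server mode the bytes go straight into `domain.decodePublicKey`, so a malformed key_share surfaces as whatever runtime exception the Kyber code throws instead of a `TlsFatalAlert(AlertDescription.illegal_parameter)`, which is presumably what the existing EC/DH agreements raise for a bad peer value. Check the length against the expected public-key or ciphertext size for the configured parameter set and wrap decode failures in `TlsFatalAlert`, so a peer cannot steer the handshake into an unclassified error path; the same applies verbatim to `JceTlsKyber` later in this commit. The test `TlsPQCKemMode.PQC_KEM_CLIENT.equals(domain.getTlsPQCConfig().getTlsPQCKemMode())` is repeated three times — a private `isClient()` helper (or `==` on the enum) would read better. Note also that `secret`, the decapsulated bytes and `localKeyPair` stay referenced after `calculateSecret()`; if `adoptLocalSecret` does not copy, consider clearing them once the TlsSecret exists.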
diff --git a/tls/src/main/java/org/bouncycastle/tls/crypto/impl/bc/BcTlsKyberDomain.java b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/bc/BcTlsKyberDomain.java new file mode 100644 index 0000000000..7bb04d24de --- /dev/null +++ b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/bc/BcTlsKyberDomain.java 
@@ -0,0 +1,90 @@ +package org.bouncycastle.tls.crypto.impl.bc; + +import org.bouncycastle.crypto.AsymmetricCipherKeyPair; +import org.bouncycastle.crypto.SecretWithEncapsulation; +import org.bouncycastle.pqc.crypto.crystals.kyber.KyberKEMExtractor; +import org.bouncycastle.pqc.crypto.crystals.kyber.KyberKEMGenerator; +import org.bouncycastle.pqc.crypto.crystals.kyber.KyberKeyGenerationParameters; +import org.bouncycastle.pqc.crypto.crystals.kyber.KyberKeyPairGenerator; +import org.bouncycastle.pqc.crypto.crystals.kyber.KyberParameters; +import org.bouncycastle.pqc.crypto.crystals.kyber.KyberPrivateKeyParameters; +import org.bouncycastle.pqc.crypto.crystals.kyber.KyberPublicKeyParameters; +import org.bouncycastle.tls.NamedGroup; +import org.bouncycastle.tls.crypto.TlsAgreement; +import org.bouncycastle.tls.crypto.TlsPQCConfig; +import org.bouncycastle.tls.crypto.TlsPQCDomain; +import org.bouncycastle.tls.crypto.TlsSecret; + +public class BcTlsKyberDomain implements TlsPQCDomain +{ + public static KyberParameters getKyberParameters(TlsPQCConfig pqcConfig) + { + switch (pqcConfig.getPQCNamedGroup()) + { + case NamedGroup.kyber512: + return KyberParameters.kyber512; + case NamedGroup.kyber768: + return KyberParameters.kyber768; + case NamedGroup.kyber1024: + return KyberParameters.kyber1024; + default: + return null; + } + } + + protected final BcTlsCrypto crypto; + protected final TlsPQCConfig pqcConfig; + protected final KyberParameters kyberParameters; + + public TlsPQCConfig getTlsPQCConfig() + { + return pqcConfig; + } + + public BcTlsKyberDomain(BcTlsCrypto crypto, TlsPQCConfig pqcConfig) + { + this.crypto = crypto; + this.pqcConfig = pqcConfig; + this.kyberParameters = getKyberParameters(pqcConfig); + } + + public TlsAgreement createPQC() + { + return new BcTlsKyber(this); + } + + public KyberPublicKeyParameters decodePublicKey(byte[] encoding) + { + return new KyberPublicKeyParameters(kyberParameters, encoding); + } + + public byte[] 
encodePublicKey(KyberPublicKeyParameters kyberPublicKeyParameters) + { + return kyberPublicKeyParameters.getEncoded(); + } + + public AsymmetricCipherKeyPair generateKeyPair() + { + KyberKeyPairGenerator keyPairGenerator = new KyberKeyPairGenerator(); + keyPairGenerator.init(new KyberKeyGenerationParameters(crypto.getSecureRandom(), kyberParameters)); + return keyPairGenerator.generateKeyPair(); + } + + public TlsSecret adoptLocalSecret(byte[] secret) + { + return crypto.adoptLocalSecret(secret); + } + + public SecretWithEncapsulation enCap(KyberPublicKeyParameters peerPublicKey) + { + KyberKEMGenerator kemGen = new KyberKEMGenerator(crypto.getSecureRandom()); + return kemGen.generateEncapsulated(peerPublicKey); + } + + public byte[] deCap(KyberPrivateKeyParameters kyberPrivateKeyParameters, byte[] cipherText) + { + KyberKEMExtractor kemExtract = new KyberKEMExtractor(kyberPrivateKeyParameters); + byte[] secret = kemExtract.extractSecret(cipherText); + return secret; + } +} diff --git a/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JcaTlsCrypto.java b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JcaTlsCrypto.java index 7c19caace0..143880bfbe 100644 --- a/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JcaTlsCrypto.java +++ b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JcaTlsCrypto.java @@ -48,6 +48,8 @@ import org.bouncycastle.tls.crypto.TlsECDomain; import org.bouncycastle.tls.crypto.TlsHMAC; import org.bouncycastle.tls.crypto.TlsHash; +import org.bouncycastle.tls.crypto.TlsPQCConfig; +import org.bouncycastle.tls.crypto.TlsPQCDomain; import org.bouncycastle.tls.crypto.TlsNonceGenerator; import org.bouncycastle.tls.crypto.TlsSRP6Client; import org.bouncycastle.tls.crypto.TlsSRP6Server; @@ -559,6 +561,11 @@ public boolean hasECDHAgreement() { return true; } + + public boolean hasPQCAgreement() + { + return true; + } public boolean hasEncryptionAlgorithm(int encryptionAlgorithm) { 
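Review bot: `getKyberParameters` returns `null` for any group other than the three Kyber values and the constructor stores that null unchecked, so an unsupported `TlsPQCConfig` only fails later as a `NullPointerException` inside `KyberKeyGenerationParameters` or `KyberPublicKeyParameters` — far from the cause and, on the server side, while processing peer data. Reject it up front in the constructor: `if (null == kyberParameters) { throw new IllegalArgumentException("unsupported KEM group: " + pqcConfig.getNamedGroup()); }`. `JceTlsKyberDomain` later in this commit has the identical structure and needs the same guard, and `BcTlsCrypto.createPQCDomain` (@@ -211 hunk) passes any config through unconditionally. In `deCap`, `byte[] secret = kemExtract.extractSecret(cipherText); return secret;` can be a single return.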
@@ -823,6 +830,25 @@ public TlsECDomain createECDomain(TlsECConfig ecConfig) return new JceTlsECDomain(this, ecConfig); } } + + public TlsPQCDomain createPQCDomain(TlsPQCConfig pqcConfig) + { + return new JceTlsKyberDomain(this, pqcConfig); + // switch (pqcConfig.getNamedGroup()) + // { + // case NamedGroup.secp256Kyber512: + // case NamedGroup.secp384Kyber768: + // case NamedGroup.secp521Kyber1024: + // return new JceTlsECDHKyberHybridDomain(this, pqcConfig); + // case NamedGroup.x25519Kyber512: + // case NamedGroup.x25519Kyber768: + // return new JceTlsX25519KyberHybridDomain(this, pqcConfig); + // case NamedGroup.x448Kyber768: + // return new JceTlsX448KyberHybridDomain(this, pqcConfig); + // default: + // return new JceTlsKyberDomain(this, pqcConfig); + // } + } public TlsSecret hkdfInit(int cryptoHashAlgorithm) { @@ -1148,6 +1174,10 @@ protected Boolean isSupportedNamedGroup(int namedGroup) } } } + else if (NamedGroup.refersToASpecificPQC(namedGroup)) + { + return Boolean.TRUE; + } else if (NamedGroup.refersToAnECDSACurve(namedGroup)) { return Boolean.valueOf(ECUtil.isCurveSupported(this, NamedGroup.getCurveName(namedGroup))); diff --git a/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JceTlsKyber.java b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JceTlsKyber.java new file mode 100644 index 0000000000..0e33b70ebf --- /dev/null +++ b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JceTlsKyber.java 
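Review bot: `isSupportedNamedGroup` (@@ -1148 hunk) answers `Boolean.TRUE` for every PQC group without consulting the configured JCA provider, whereas the neighbouring curve branch asks `ECUtil.isCurveSupported(this, ...)`; this matches `createPQCDomain` (@@ -823 hunk) returning a `JceTlsKyberDomain` that, per its own source in this commit, builds the KEM from BC's lightweight `org.bouncycastle.pqc.crypto.crystals.kyber` classes rather than through the provider. A `JcaTlsCrypto` configured with a non-BC provider will therefore silently use in-process software Kyber for key exchange, which is unlikely to be what a deployment choosing its provider expects. Either gate the TRUE on the provider actually offering the KEM, or document the behaviour on `createPQCDomain`, e.g. `// Kyber is implemented with the BC lightweight API regardless of the configured provider`. The enclosing `isSupportedNamedGroup` method starts and ends outside the hunk.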
@@ -0,0 +1,65 @@ +package org.bouncycastle.tls.crypto.impl.jcajce; + +import java.io.IOException; +import org.bouncycastle.crypto.AsymmetricCipherKeyPair; +import org.bouncycastle.crypto.SecretWithEncapsulation; +import org.bouncycastle.pqc.crypto.crystals.kyber.KyberPrivateKeyParameters; +import org.bouncycastle.pqc.crypto.crystals.kyber.KyberPublicKeyParameters; +import org.bouncycastle.tls.crypto.TlsAgreement; +import org.bouncycastle.tls.crypto.TlsPQCKemMode; +import org.bouncycastle.util.Arrays; + +public class JceTlsKyber implements TlsAgreement +{ + protected final JceTlsKyberDomain domain; + + protected AsymmetricCipherKeyPair localKeyPair; + protected KyberPublicKeyParameters peerPublicKey; + protected byte[] ciphertext; + protected byte[] secret; + + public JceTlsKyber(JceTlsKyberDomain domain) + { + this.domain = domain; + } + + public byte[] generateEphemeral() throws IOException + { + if (TlsPQCKemMode.PQC_KEM_CLIENT.equals(domain.getTlsPQCConfig().getTlsPQCKemMode())) + { + this.localKeyPair = domain.generateKeyPair(); + return domain.encodePublicKey((KyberPublicKeyParameters)localKeyPair.getPublic()); + } + else + { + return Arrays.clone(ciphertext); + } + } + + public void receivePeerValue(byte[] peerValue) throws IOException + { + if (TlsPQCKemMode.PQC_KEM_CLIENT.equals(domain.getTlsPQCConfig().getTlsPQCKemMode())) + { + this.ciphertext = Arrays.clone(peerValue); + } + else + { + this.peerPublicKey = domain.decodePublicKey(peerValue); + SecretWithEncapsulation encap = domain.enCap(peerPublicKey); + ciphertext = encap.getEncapsulation(); + secret = encap.getSecret(); + } + } + + public JceTlsSecret calculateSecret() throws IOException + { + if (TlsPQCKemMode.PQC_KEM_CLIENT.equals(domain.getTlsPQCConfig().getTlsPQCKemMode())) + { + return domain.adoptLocalSecret(domain.deCap((KyberPrivateKeyParameters)localKeyPair.getPrivate(), ciphertext)); + } + else + { + return domain.adoptLocalSecret(secret); + } + } +} 
diff --git a/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JceTlsKyberDomain.java b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JceTlsKyberDomain.java new file mode 100644 index 0000000000..849c7fe5bf --- /dev/null +++ b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JceTlsKyberDomain.java 
@@ -0,0 +1,90 @@ +package org.bouncycastle.tls.crypto.impl.jcajce; + +import org.bouncycastle.crypto.AsymmetricCipherKeyPair; +import org.bouncycastle.crypto.SecretWithEncapsulation; +import org.bouncycastle.pqc.crypto.crystals.kyber.KyberKEMExtractor; +import org.bouncycastle.pqc.crypto.crystals.kyber.KyberKEMGenerator; +import org.bouncycastle.pqc.crypto.crystals.kyber.KyberKeyGenerationParameters; +import org.bouncycastle.pqc.crypto.crystals.kyber.KyberKeyPairGenerator; +import org.bouncycastle.pqc.crypto.crystals.kyber.KyberParameters; +import org.bouncycastle.pqc.crypto.crystals.kyber.KyberPrivateKeyParameters; +import org.bouncycastle.pqc.crypto.crystals.kyber.KyberPublicKeyParameters; +import org.bouncycastle.tls.NamedGroup; +import org.bouncycastle.tls.crypto.TlsAgreement; +import org.bouncycastle.tls.crypto.TlsPQCConfig; +import org.bouncycastle.tls.crypto.TlsPQCDomain; + +public class JceTlsKyberDomain implements TlsPQCDomain +{ + public static KyberParameters getKyberParameters(TlsPQCConfig pqcConfig) + { + switch (pqcConfig.getPQCNamedGroup()) + { + case NamedGroup.kyber512: + return KyberParameters.kyber512; + case NamedGroup.kyber768: + return KyberParameters.kyber768; + case NamedGroup.kyber1024: + return KyberParameters.kyber1024; + default: + return null; + } + } + + protected final JcaTlsCrypto crypto; + protected final TlsPQCConfig pqcConfig; + protected final KyberParameters kyberParameters; + + public TlsPQCConfig getTlsPQCConfig() + { + return pqcConfig; + } + + public JceTlsKyberDomain(JcaTlsCrypto crypto, TlsPQCConfig pqcConfig) + { + this.crypto = crypto; + this.pqcConfig = pqcConfig; + this.kyberParameters = getKyberParameters(pqcConfig); + } + + public TlsAgreement createPQC() + { + return new JceTlsKyber(this); + } + + public KyberPublicKeyParameters decodePublicKey(byte[] encoding) + { + return new KyberPublicKeyParameters(kyberParameters, encoding); + } + + public byte[] encodePublicKey(KyberPublicKeyParameters 
kyberPublicKeyParameters) + { + return kyberPublicKeyParameters.getEncoded(); + } + + public AsymmetricCipherKeyPair generateKeyPair() + { + KyberKeyPairGenerator keyPairGenerator = new KyberKeyPairGenerator(); + keyPairGenerator.init(new KyberKeyGenerationParameters(crypto.getSecureRandom(), kyberParameters)); + return keyPairGenerator.generateKeyPair(); + } + + public JceTlsSecret adoptLocalSecret(byte[] secret) + { + return crypto.adoptLocalSecret(secret); + } + + public SecretWithEncapsulation enCap(KyberPublicKeyParameters peerPublicKey) + { + KyberKEMGenerator kemGen = new KyberKEMGenerator(crypto.getSecureRandom()); + return kemGen.generateEncapsulated(peerPublicKey); + } + + public byte[] deCap(KyberPrivateKeyParameters kyberPrivateKeyParameters, byte[] cipherText) + { + // CryptoServicesRegistrar.checkConstraints(KyberUtils.getDefaultProperties("Kyber", kyberPrivateKeyParameters)); + KyberKEMExtractor kemExtract = new KyberKEMExtractor(kyberPrivateKeyParameters); + byte[] secret = kemExtract.extractSecret(cipherText); + return secret; + } +} From e0da08e1c56c1ec6e0c584256f80f6b8d71a99c1 Mon Sep 17 00:00:00 2001 From: yuhh0328 Date: Wed, 10 Jan 2024 10:10:44 +0000 Subject: [PATCH 2/7] Updates : add tls-kyber --- .../org/bouncycastle/jsse/provider/NamedGroupInfo.java | 3 ++- tls/src/main/java/org/bouncycastle/tls/TlsUtils.java | 7 +++++++ .../tls/crypto/impl/jcajce/JcaTlsCrypto.java | 10 ++++++++++ 3 files changed, 19 insertions(+), 1 deletion(-) diff --git a/tls/src/main/java/org/bouncycastle/jsse/provider/NamedGroupInfo.java b/tls/src/main/java/org/bouncycastle/jsse/provider/NamedGroupInfo.java index b41df8237f..2d85f598ee 100644 --- a/tls/src/main/java/org/bouncycastle/jsse/provider/NamedGroupInfo.java +++ b/tls/src/main/java/org/bouncycastle/jsse/provider/NamedGroupInfo.java 
@@ -554,7 +554,8 @@ private static boolean hasAnyECDSA(Map local) { for (NamedGroupInfo namedGroupInfo : local.values()) { - if (NamedGroup.refersToAnECDSACurve(namedGroupInfo.getNamedGroup())) + if (NamedGroup.refersToAnECDSACurve(namedGroupInfo.getNamedGroup()) + || NamedGroup.refersToASpecificPQC(namedGroupInfo.getNamedGroup())) { return true; } diff --git a/tls/src/main/java/org/bouncycastle/tls/TlsUtils.java b/tls/src/main/java/org/bouncycastle/tls/TlsUtils.java index 816963a798..0af0a69abb 100644 --- a/tls/src/main/java/org/bouncycastle/tls/TlsUtils.java +++ b/tls/src/main/java/org/bouncycastle/tls/TlsUtils.java @@ -5374,6 +5374,13 @@ else if (NamedGroup.refersToASpecificFiniteField(supportedGroup)) agreement = crypto.createDHDomain(new TlsDHConfig(supportedGroup, true)).createDH(); } } + else if (NamedGroup.refersToASpecificPQC(supportedGroup)) + { + if (crypto.hasPQCAgreement()) + { + agreement = crypto.createPQCDomain(new TlsPQCConfig(supportedGroup, TlsPQCKemMode.PQC_KEM_CLIENT)).createPQC(); + } + } if (null != agreement) { diff --git a/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JcaTlsCrypto.java b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JcaTlsCrypto.java index 143880bfbe..d1b90c9077 100644 --- a/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JcaTlsCrypto.java +++ b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JcaTlsCrypto.java @@ -438,6 +438,16 @@ else if (NamedGroup.refersToASpecificFiniteField(namedGroup)) { return DHUtil.getAlgorithmParameters(this, TlsDHUtils.getNamedDHGroup(namedGroup)); } + else if (NamedGroup.refersToASpecificPQC(namedGroup)) + { + switch (namedGroup) + { + case NamedGroup.kyber512: + case NamedGroup.kyber768: + case NamedGroup.kyber1024: + return null; + } + } throw new IllegalArgumentException("NamedGroup not supported: " + NamedGroup.getText(namedGroup)); } From be62cbe6d4ecb4bf546e5537f0ac1787c521d9e5 Mon Sep 17 00:00:00 2001 
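Review bot: `hasAnyECDSA` now returns true when the only enabled group is a Kyber KEM, yet a KEM group says nothing about ECDSA; whatever this predicate gates (its callers are outside the hunk — presumably ECDSA signature-scheme availability) is thereby enabled without any ECDSA curve being configured. If the intent is to keep KEM groups from being filtered out of supported_groups, that belongs in the group-role handling (cf. `NamedGroupRole.pqc` added to `getNamedGroupRoles` in the first commit), not in the ECDSA check. At minimum the line needs a comment explaining why a KEM counts as ECDSA here.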
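Review bot: In the JcaTlsCrypto @@ -438 hunk the new `refersToASpecificPQC` branch re-switches on the same three constants the predicate already matched and returns `null`; a non-matching value falls through to the `IllegalArgumentException` below, so the inner switch is dead weight and `return null;` alone is equivalent. More importantly, the method now hands back `null` AlgorithmParameters for a supported group, which the pre-existing branches visible in context never do (the DH branch returns `DHUtil.getAlgorithmParameters(...)`), so every caller must be checked for a null guard or this will surface as a `NullPointerException`. The enclosing method starts outside the hunk.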
From: yuhh0328 Date: Thu, 11 Jan 2024 07:10:53 +0000 Subject: [PATCH 3/7] Updates : tls-kyber --- .../tls/crypto/impl/jcajce/JcaTlsCrypto.java | 14 -------------- .../tls/crypto/impl/jcajce/JceTlsKyberDomain.java | 1 - 2 files changed, 15 deletions(-) diff --git a/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JcaTlsCrypto.java b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JcaTlsCrypto.java index d1b90c9077..33599ba280 100644 --- a/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JcaTlsCrypto.java +++ b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JcaTlsCrypto.java @@ -844,20 +844,6 @@ public TlsECDomain createECDomain(TlsECConfig ecConfig) public TlsPQCDomain createPQCDomain(TlsPQCConfig pqcConfig) { return new JceTlsKyberDomain(this, pqcConfig); - // switch (pqcConfig.getNamedGroup()) - // { - // case NamedGroup.secp256Kyber512: - // case NamedGroup.secp384Kyber768: - // case NamedGroup.secp521Kyber1024: - // return new JceTlsECDHKyberHybridDomain(this, pqcConfig); - // case NamedGroup.x25519Kyber512: - // case NamedGroup.x25519Kyber768: - // return new JceTlsX25519KyberHybridDomain(this, pqcConfig); - // case NamedGroup.x448Kyber768: - // return new JceTlsX448KyberHybridDomain(this, pqcConfig); - // default: - // return new JceTlsKyberDomain(this, pqcConfig); - // } } public TlsSecret hkdfInit(int cryptoHashAlgorithm) diff --git a/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JceTlsKyberDomain.java b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JceTlsKyberDomain.java index 849c7fe5bf..879213e504 100644 --- a/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JceTlsKyberDomain.java +++ b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JceTlsKyberDomain.java 
@@ -82,7 +82,6 @@ public SecretWithEncapsulation enCap(KyberPublicKeyParameters peerPublicKey) public byte[] deCap(KyberPrivateKeyParameters kyberPrivateKeyParameters, byte[] cipherText) { - // CryptoServicesRegistrar.checkConstraints(KyberUtils.getDefaultProperties("Kyber", kyberPrivateKeyParameters)); KyberKEMExtractor kemExtract = new KyberKEMExtractor(kyberPrivateKeyParameters); byte[] secret = kemExtract.extractSecret(cipherText); return secret; From 431d8cc81d19f2dc1bb61dc606243da9fad7be16 Mon Sep 17 00:00:00 2001 
From: Ubuntu Date: Tue, 13 Feb 2024 10:54:33 +0000 Subject: [PATCH 4/7] 1. rename (PQC -> KEM) 2. add TlsCryptoParameters --- .../jsse/provider/NamedGroupInfo.java | 8 ++--- .../java/org/bouncycastle/tls/NamedGroup.java | 12 ++++---- .../org/bouncycastle/tls/NamedGroupRole.java | 2 +- .../bouncycastle/tls/TlsServerProtocol.java | 9 +++--- .../java/org/bouncycastle/tls/TlsUtils.java | 19 ++++++------ .../bouncycastle/tls/crypto/TlsCrypto.java | 14 ++++----- .../{TlsPQCConfig.java => TlsKEMConfig.java} | 29 +++++++------------ .../bouncycastle/tls/crypto/TlsKEMDomain.java | 6 ++++ .../bouncycastle/tls/crypto/TlsKemMode.java | 7 +++++ .../bouncycastle/tls/crypto/TlsPQCDomain.java | 6 ---- .../tls/crypto/TlsPQCKemMode.java | 7 ----- .../tls/crypto/impl/bc/BcTlsCrypto.java | 10 +++---- .../tls/crypto/impl/bc/BcTlsKyber.java | 25 ++++++++-------- .../tls/crypto/impl/bc/BcTlsKyberDomain.java | 24 +++++++-------- .../tls/crypto/impl/jcajce/JcaTlsCrypto.java | 14 ++++----- .../tls/crypto/impl/jcajce/JceTlsKyber.java | 25 ++++++++-------- .../crypto/impl/jcajce/JceTlsKyberDomain.java | 24 +++++++-------- 17 files changed, 117 insertions(+), 124 deletions(-) rename tls/src/main/java/org/bouncycastle/tls/crypto/{TlsPQCConfig.java => TlsKEMConfig.java} (60%) create mode 100644 tls/src/main/java/org/bouncycastle/tls/crypto/TlsKEMDomain.java create mode 100644 tls/src/main/java/org/bouncycastle/tls/crypto/TlsKemMode.java delete mode 100644 tls/src/main/java/org/bouncycastle/tls/crypto/TlsPQCDomain.java delete mode 100644 tls/src/main/java/org/bouncycastle/tls/crypto/TlsPQCKemMode.java diff --git a/tls/src/main/java/org/bouncycastle/jsse/provider/NamedGroupInfo.java b/tls/src/main/java/org/bouncycastle/jsse/provider/NamedGroupInfo.java index 2d85f598ee..9cfbb3e5f3 100644 --- a/tls/src/main/java/org/bouncycastle/jsse/provider/NamedGroupInfo.java +++ b/tls/src/main/java/org/bouncycastle/jsse/provider/NamedGroupInfo.java 
@@ -75,9 +75,9 @@ private enum All ffdhe6144(NamedGroup.ffdhe6144, "DiffieHellman"), ffdhe8192(NamedGroup.ffdhe8192, "DiffieHellman"), - kyber512(NamedGroup.kyber512, "PQC"), - kyber768(NamedGroup.kyber768, "PQC"), - kyber1024(NamedGroup.kyber1024, "PQC"); + kyber512(NamedGroup.kyber512, "KEM"), + kyber768(NamedGroup.kyber768, "KEM"), + kyber1024(NamedGroup.kyber1024, "KEM"); private final int namedGroup; private final String name; @@ -555,7 +555,7 @@ private static boolean hasAnyECDSA(Map local) for (NamedGroupInfo namedGroupInfo : local.values()) { if (NamedGroup.refersToAnECDSACurve(namedGroupInfo.getNamedGroup()) - || NamedGroup.refersToASpecificPQC(namedGroupInfo.getNamedGroup())) + || NamedGroup.refersToASpecificKEM(namedGroupInfo.getNamedGroup())) { return true; } diff --git a/tls/src/main/java/org/bouncycastle/tls/NamedGroup.java b/tls/src/main/java/org/bouncycastle/tls/NamedGroup.java index 2af39b3985..a3f24ffcc5 100644 --- a/tls/src/main/java/org/bouncycastle/tls/NamedGroup.java +++ b/tls/src/main/java/org/bouncycastle/tls/NamedGroup.java @@ -265,7 +265,7 @@ public static String getFiniteFieldName(int namedGroup) return null; } - public static String getPQCName(int namedGroup) + public static String getKEMName(int namedGroup) { switch (namedGroup) { @@ -364,10 +364,10 @@ public static String getStandardName(int namedGroup) return finiteFieldName; } - String pqcName = getPQCName(namedGroup); - if (null != pqcName) + String kemName = getKEMName(namedGroup); + if (null != kemName) { - return pqcName; + return kemName; } return null; @@ -438,7 +438,7 @@ public static boolean refersToASpecificFiniteField(int namedGroup) return namedGroup >= ffdhe2048 && namedGroup <= ffdhe8192; } - public static boolean refersToASpecificPQC(int namedGroup) + public static boolean refersToASpecificKEM(int namedGroup) { return namedGroup == kyber512 || namedGroup == kyber768 || namedGroup == kyber1024; } 
@@ -447,6 +447,6 @@ public static boolean refersToASpecificGroup(int namedGroup) { return refersToASpecificCurve(namedGroup) || refersToASpecificFiniteField(namedGroup) - || refersToASpecificPQC(namedGroup); + || refersToASpecificKEM(namedGroup); } } diff --git a/tls/src/main/java/org/bouncycastle/tls/NamedGroupRole.java b/tls/src/main/java/org/bouncycastle/tls/NamedGroupRole.java index 8370a9474f..eea7d9262c 100644 --- a/tls/src/main/java/org/bouncycastle/tls/NamedGroupRole.java +++ b/tls/src/main/java/org/bouncycastle/tls/NamedGroupRole.java @@ -9,5 +9,5 @@ public class NamedGroupRole public static final int dh = 1; public static final int ecdh = 2; public static final int ecdsa = 3; - public static final int pqc = 4; + public static final int kem = 4; } diff --git a/tls/src/main/java/org/bouncycastle/tls/TlsServerProtocol.java b/tls/src/main/java/org/bouncycastle/tls/TlsServerProtocol.java index 30f4f0c1b3..6ce7c1dd89 100644 --- a/tls/src/main/java/org/bouncycastle/tls/TlsServerProtocol.java +++ b/tls/src/main/java/org/bouncycastle/tls/TlsServerProtocol.java @@ -10,10 +10,11 @@ import org.bouncycastle.tls.crypto.TlsAgreement; import org.bouncycastle.tls.crypto.TlsCrypto; +import org.bouncycastle.tls.crypto.TlsCryptoParameters; import org.bouncycastle.tls.crypto.TlsDHConfig; import org.bouncycastle.tls.crypto.TlsECConfig; -import org.bouncycastle.tls.crypto.TlsPQCConfig; -import org.bouncycastle.tls.crypto.TlsPQCKemMode; +import org.bouncycastle.tls.crypto.TlsKEMConfig; +import org.bouncycastle.tls.crypto.TlsKemMode; import org.bouncycastle.tls.crypto.TlsSecret; import org.bouncycastle.util.Arrays; 
@@ -407,9 +408,9 @@ else if (NamedGroup.refersToASpecificFiniteField(namedGroup)) { agreement = crypto.createDHDomain(new TlsDHConfig(namedGroup, true)).createDH(); } - else if (NamedGroup.refersToASpecificPQC(namedGroup)) + else if (NamedGroup.refersToASpecificKEM(namedGroup)) { - agreement = crypto.createPQCDomain(new TlsPQCConfig(namedGroup, TlsPQCKemMode.PQC_KEM_SERVER)).createPQC(); + agreement = crypto.createKEMDomain(new TlsKEMConfig(namedGroup, new TlsCryptoParameters(tlsServerContext))).createKEM(); } else { diff --git a/tls/src/main/java/org/bouncycastle/tls/TlsUtils.java b/tls/src/main/java/org/bouncycastle/tls/TlsUtils.java index 0af0a69abb..55bbb955e5 100644 --- a/tls/src/main/java/org/bouncycastle/tls/TlsUtils.java +++ b/tls/src/main/java/org/bouncycastle/tls/TlsUtils.java @@ -40,8 +40,8 @@ import org.bouncycastle.tls.crypto.TlsEncryptor; import org.bouncycastle.tls.crypto.TlsHash; import org.bouncycastle.tls.crypto.TlsHashOutputStream; -import org.bouncycastle.tls.crypto.TlsPQCConfig; -import org.bouncycastle.tls.crypto.TlsPQCKemMode; +import org.bouncycastle.tls.crypto.TlsKEMConfig; +import org.bouncycastle.tls.crypto.TlsKemMode; import org.bouncycastle.tls.crypto.TlsSecret; import org.bouncycastle.tls.crypto.TlsStreamSigner; import org.bouncycastle.tls.crypto.TlsStreamVerifier; @@ -4024,7 +4024,7 @@ public static Vector getNamedGroupRoles(Vector keyExchangeAlgorithms) // TODO[tls13] We're conservatively adding both here, though maybe only one is needed addToSet(result, NamedGroupRole.dh); addToSet(result, NamedGroupRole.ecdh); - addToSet(result, NamedGroupRole.pqc); + addToSet(result, NamedGroupRole.kem); break; } } 
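Review bot: This server branch creates the KEM agreement unconditionally, while the client path in `collectKeyShares` (TlsUtils, same patch) first checks `crypto.hasKEMAgreement()`; either the guard is redundant on one side or missing on the other, and a one-line comment here saying which would help. A KEM agreement also differs from the DH/ECDH ones chosen in the neighbouring branches in that the server's `generateEphemeral()` returns the encapsulation produced during `receivePeerValue()`, so the call order at the use site (outside this hunk) has to be receive-then-generate; I would record that contract where the agreement is selected, e.g. `// KEM: the server share is an encapsulation, so receivePeerValue() must precede generateEphemeral()`. The enclosing method starts and ends outside the hunk.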
@@ -5306,7 +5306,7 @@ static Hashtable addKeyShareToClientHello(TlsClientContext clientContext, TlsCli Hashtable clientAgreements = new Hashtable(3); Vector clientShares = new Vector(2); - collectKeyShares(clientContext.getCrypto(), supportedGroups, keyShareGroups, clientAgreements, clientShares); + collectKeyShares(clientContext, supportedGroups, keyShareGroups, clientAgreements, clientShares); // TODO[tls13-psk] When clientShares empty, consider not adding extension if pre_shared_key in use TlsExtensionsUtils.addKeyShareClientHello(clientExtensions, clientShares); @@ -5322,7 +5322,7 @@ static Hashtable addKeyShareToClientHelloRetry(TlsClientContext clientContext, H Hashtable clientAgreements = new Hashtable(1, 1.0f); Vector clientShares = new Vector(1); - collectKeyShares(clientContext.getCrypto(), supportedGroups, keyShareGroups, clientAgreements, clientShares); + collectKeyShares(clientContext, supportedGroups, keyShareGroups, clientAgreements, clientShares); TlsExtensionsUtils.addKeyShareClientHello(clientExtensions, clientShares); @@ -5335,9 +5335,10 @@ static Hashtable addKeyShareToClientHelloRetry(TlsClientContext clientContext, H return clientAgreements; } - private static void collectKeyShares(TlsCrypto crypto, int[] supportedGroups, Vector keyShareGroups, + private static void collectKeyShares(TlsClientContext clientContext, int[] supportedGroups, Vector keyShareGroups, Hashtable clientAgreements, Vector clientShares) throws IOException { + TlsCrypto crypto = clientContext.getCrypto(); if (isNullOrEmpty(supportedGroups)) { return; 
@@ -5374,11 +5375,11 @@ else if (NamedGroup.refersToASpecificFiniteField(supportedGroup)) agreement = crypto.createDHDomain(new TlsDHConfig(supportedGroup, true)).createDH(); } } - else if (NamedGroup.refersToASpecificPQC(supportedGroup)) + else if (NamedGroup.refersToASpecificKEM(supportedGroup)) { - if (crypto.hasPQCAgreement()) + if (crypto.hasKEMAgreement()) { - agreement = crypto.createPQCDomain(new TlsPQCConfig(supportedGroup, TlsPQCKemMode.PQC_KEM_CLIENT)).createPQC(); + agreement = crypto.createKEMDomain(new TlsKEMConfig(supportedGroup, new TlsCryptoParameters(clientContext))).createKEM(); } } diff --git a/tls/src/main/java/org/bouncycastle/tls/crypto/TlsCrypto.java b/tls/src/main/java/org/bouncycastle/tls/crypto/TlsCrypto.java index ddc80787d2..0e1492ac5f 100644 --- a/tls/src/main/java/org/bouncycastle/tls/crypto/TlsCrypto.java +++ b/tls/src/main/java/org/bouncycastle/tls/crypto/TlsCrypto.java @@ -70,11 +70,11 @@ public interface TlsCrypto boolean hasECDHAgreement(); /** - * Return true if this TlsCrypto can support PQC key agreement. + * Return true if this TlsCrypto can support KEM key agreement. * - * @return true if this instance can support PQC key agreement, false otherwise. + * @return true if this instance can support KEM key agreement, false otherwise. */ - boolean hasPQCAgreement(); + boolean hasKEMAgreement(); /** * Return true if this TlsCrypto can support the passed in block/stream encryption algorithm. 
@@ -221,12 +221,12 @@ TlsCipher createCipher(TlsCryptoParameters cryptoParams, int encryptionAlgorithm TlsECDomain createECDomain(TlsECConfig ecConfig); /** - * Create a domain object supporting the domain parameters described in pqcConfig. + * Create a domain object supporting the domain parameters described in kemConfig. * - * @param pqcConfig the config describing the PQC parameters to use. - * @return a TlsPQCDomain supporting the parameters in pqcConfig. + * @param kemConfig the config describing the KEM parameters to use. + * @return a TlsKEMDomain supporting the parameters in kemConfig. */ - TlsPQCDomain createPQCDomain(TlsPQCConfig pqcConfig); + TlsKEMDomain createKEMDomain(TlsKEMConfig kemConfig); /** * Adopt the passed in secret, creating a new copy of it. diff --git a/tls/src/main/java/org/bouncycastle/tls/crypto/TlsPQCConfig.java b/tls/src/main/java/org/bouncycastle/tls/crypto/TlsKEMConfig.java similarity index 60% rename from tls/src/main/java/org/bouncycastle/tls/crypto/TlsPQCConfig.java rename to tls/src/main/java/org/bouncycastle/tls/crypto/TlsKEMConfig.java index 1eab888a7a..e10cefe467 100644 --- a/tls/src/main/java/org/bouncycastle/tls/crypto/TlsPQCConfig.java +++ b/tls/src/main/java/org/bouncycastle/tls/crypto/TlsKEMConfig.java 
@@ -1,23 +1,16 @@ package org.bouncycastle.tls.crypto; -import org.bouncycastle.tls.NamedGroup; - -public class TlsPQCConfig +public class TlsKEMConfig { protected final int namedGroup; - protected final TlsPQCKemMode mode; - protected final int pqcNamedGroup; - - public TlsPQCConfig(int namedGroup) - { - this(namedGroup, TlsPQCKemMode.PQC_KEM_SERVER); - } + protected final TlsCryptoParameters cryptoParams; + protected final int kemNamedGroup; - public TlsPQCConfig(int namedGroup, TlsPQCKemMode mode) + public TlsKEMConfig(int namedGroup, TlsCryptoParameters cryptoParams) { this.namedGroup = namedGroup; - this.mode = mode; - this.pqcNamedGroup = getPQCNamedGroup(namedGroup); + this.cryptoParams = cryptoParams; + this.kemNamedGroup = getKEMNamedGroup(namedGroup); } public int getNamedGroup() @@ -25,17 +18,17 @@ public int getNamedGroup() return namedGroup; } - public TlsPQCKemMode getTlsPQCKemMode() + public boolean isServer() { - return mode; + return cryptoParams.isServer(); } - public int getPQCNamedGroup() + public int getKEMNamedGroup() { - return pqcNamedGroup; + return kemNamedGroup; } - private int getPQCNamedGroup(int namedGroup) + private int getKEMNamedGroup(int namedGroup) { return namedGroup; // switch (namedGroup) diff --git a/tls/src/main/java/org/bouncycastle/tls/crypto/TlsKEMDomain.java b/tls/src/main/java/org/bouncycastle/tls/crypto/TlsKEMDomain.java new file mode 100644 index 0000000000..94a15b5cdf --- /dev/null +++ b/tls/src/main/java/org/bouncycastle/tls/crypto/TlsKEMDomain.java @@ -0,0 +1,6 @@ +package org.bouncycastle.tls.crypto; + +public interface TlsKEMDomain +{ + TlsAgreement createKEM(); +} diff --git a/tls/src/main/java/org/bouncycastle/tls/crypto/TlsKemMode.java b/tls/src/main/java/org/bouncycastle/tls/crypto/TlsKemMode.java new file mode 100644 index 0000000000..6081608b63 --- /dev/null +++ b/tls/src/main/java/org/bouncycastle/tls/crypto/TlsKemMode.java 
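Review bot: `isServer()` dereferences `cryptoParams` unconditionally while the constructor stores it without a null check, so a `TlsKEMConfig` built with a null parameters object only fails later inside the agreement's `generateEphemeral()`/`receivePeerValue()` as a NullPointerException far from the cause. A check in the constructor keeps the failure at construction time: `if (null == cryptoParams) { throw new NullPointerException("'cryptoParams' cannot be null"); }`. The private `getKEMNamedGroup(int)` is an identity mapping followed by commented-out switch scaffolding; if the indirection is reserved for a future group-to-parameter mapping, a short comment saying so would explain why it exists, otherwise `kemNamedGroup` can be assigned from `namedGroup` directly.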
@@ -0,0 +1,7 @@ +package org.bouncycastle.tls.crypto; + +public enum TlsKemMode +{ + KEM_CLIENT, + KEM_SERVER, +} diff --git a/tls/src/main/java/org/bouncycastle/tls/crypto/TlsPQCDomain.java b/tls/src/main/java/org/bouncycastle/tls/crypto/TlsPQCDomain.java deleted file mode 100644 index ecb985d5f8..0000000000 --- a/tls/src/main/java/org/bouncycastle/tls/crypto/TlsPQCDomain.java +++ /dev/null @@ -1,6 +0,0 @@ -package org.bouncycastle.tls.crypto; - -public interface TlsPQCDomain -{ - TlsAgreement createPQC(); -} diff --git a/tls/src/main/java/org/bouncycastle/tls/crypto/TlsPQCKemMode.java b/tls/src/main/java/org/bouncycastle/tls/crypto/TlsPQCKemMode.java deleted file mode 100644 index 8b53a9564b..0000000000 --- a/tls/src/main/java/org/bouncycastle/tls/crypto/TlsPQCKemMode.java +++ /dev/null @@ -1,7 +0,0 @@ -package org.bouncycastle.tls.crypto; - -public enum TlsPQCKemMode -{ - PQC_KEM_CLIENT, - PQC_KEM_SERVER, -} diff --git a/tls/src/main/java/org/bouncycastle/tls/crypto/impl/bc/BcTlsCrypto.java b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/bc/BcTlsCrypto.java index 9f12a7a757..4f5a3262c4 100644 --- a/tls/src/main/java/org/bouncycastle/tls/crypto/impl/bc/BcTlsCrypto.java +++ b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/bc/BcTlsCrypto.java @@ -54,8 +54,8 @@ import org.bouncycastle.tls.crypto.TlsECDomain; import org.bouncycastle.tls.crypto.TlsHMAC; import org.bouncycastle.tls.crypto.TlsHash; -import org.bouncycastle.tls.crypto.TlsPQCConfig; -import org.bouncycastle.tls.crypto.TlsPQCDomain; +import org.bouncycastle.tls.crypto.TlsKEMConfig; +import org.bouncycastle.tls.crypto.TlsKEMDomain; import org.bouncycastle.tls.crypto.TlsNonceGenerator; import org.bouncycastle.tls.crypto.TlsSRP6Client; import org.bouncycastle.tls.crypto.TlsSRP6Server; 
@@ -213,9 +213,9 @@ public TlsECDomain createECDomain(TlsECConfig ecConfig) } } - public TlsPQCDomain createPQCDomain(TlsPQCConfig pqcConfig) + public TlsKEMDomain createKEMDomain(TlsKEMConfig kemConfig) { - return new BcTlsKyberDomain(this, pqcConfig); + return new BcTlsKyberDomain(this, kemConfig); } public TlsNonceGenerator createNonceGenerator(byte[] additionalSeedMaterial) @@ -311,7 +311,7 @@ public boolean hasECDHAgreement() return true; } - public boolean hasPQCAgreement() + public boolean hasKEMAgreement() { return true; } diff --git a/tls/src/main/java/org/bouncycastle/tls/crypto/impl/bc/BcTlsKyber.java b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/bc/BcTlsKyber.java index d5d363b248..1d65e6726b 100644 --- a/tls/src/main/java/org/bouncycastle/tls/crypto/impl/bc/BcTlsKyber.java +++ b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/bc/BcTlsKyber.java @@ -6,7 +6,6 @@ import org.bouncycastle.pqc.crypto.crystals.kyber.KyberPrivateKeyParameters; import org.bouncycastle.pqc.crypto.crystals.kyber.KyberPublicKeyParameters; import org.bouncycastle.tls.crypto.TlsAgreement; -import org.bouncycastle.tls.crypto.TlsPQCKemMode; import org.bouncycastle.tls.crypto.TlsSecret; import org.bouncycastle.util.Arrays; 
@@ -26,41 +25,41 @@ public BcTlsKyber(BcTlsKyberDomain domain) public byte[] generateEphemeral() throws IOException { - if (TlsPQCKemMode.PQC_KEM_CLIENT.equals(domain.getTlsPQCConfig().getTlsPQCKemMode())) + if (domain.getTlsKEMConfig().isServer()) { - this.localKeyPair = domain.generateKeyPair(); - return domain.encodePublicKey((KyberPublicKeyParameters)localKeyPair.getPublic()); + return Arrays.clone(ciphertext); } else { - return Arrays.clone(ciphertext); + this.localKeyPair = domain.generateKeyPair(); + return domain.encodePublicKey((KyberPublicKeyParameters)localKeyPair.getPublic()); } } public void receivePeerValue(byte[] peerValue) throws IOException { - if (TlsPQCKemMode.PQC_KEM_CLIENT.equals(domain.getTlsPQCConfig().getTlsPQCKemMode())) - { - this.ciphertext = Arrays.clone(peerValue); - } - else + if (domain.getTlsKEMConfig().isServer()) { this.peerPublicKey = domain.decodePublicKey(peerValue); SecretWithEncapsulation encap = domain.enCap(peerPublicKey); ciphertext = encap.getEncapsulation(); secret = encap.getSecret(); } + else + { + this.ciphertext = Arrays.clone(peerValue); + } } public TlsSecret calculateSecret() throws IOException { - if (TlsPQCKemMode.PQC_KEM_CLIENT.equals(domain.getTlsPQCConfig().getTlsPQCKemMode())) + if (domain.getTlsKEMConfig().isServer()) { - return domain.adoptLocalSecret(domain.deCap((KyberPrivateKeyParameters)localKeyPair.getPrivate(), ciphertext)); + return domain.adoptLocalSecret(secret); } else { - return domain.adoptLocalSecret(secret); + return domain.adoptLocalSecret(domain.deCap((KyberPrivateKeyParameters)localKeyPair.getPrivate(), ciphertext)); } } } diff --git a/tls/src/main/java/org/bouncycastle/tls/crypto/impl/bc/BcTlsKyberDomain.java b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/bc/BcTlsKyberDomain.java index 7bb04d24de..e6e8396082 100644 --- a/tls/src/main/java/org/bouncycastle/tls/crypto/impl/bc/BcTlsKyberDomain.java +++ b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/bc/BcTlsKyberDomain.java 
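Review bot: The server branch of `generateEphemeral()` returns `Arrays.clone(ciphertext)`, which is silently null when `receivePeerValue()` has not run yet, and the client branch of `receivePeerValue()` stores the peer-supplied `ciphertext` without any length check, so a malformed key share is only noticed when `deCap` runs in `calculateSecret()` rather than being rejected where the value arrives. I would make the ordering dependency explicit with `if (null == ciphertext) { throw new IllegalStateException("receivePeerValue() must precede generateEphemeral() on the server"); }` and compare `peerValue.length` with the ciphertext size of the selected Kyber parameter set before cloning it (the server-side public key deserves the same check before `decodePublicKey`). The fields `ciphertext`, `secret` and `localKeyPair` are declared above this hunk and are retained after `calculateSecret()`, which is worth a comment if intentional. JceTlsKyber at the corresponding hunk has the identical structure and the same points apply there.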
@@ -11,15 +11,15 @@ import org.bouncycastle.pqc.crypto.crystals.kyber.KyberPublicKeyParameters; import org.bouncycastle.tls.NamedGroup; import org.bouncycastle.tls.crypto.TlsAgreement; -import org.bouncycastle.tls.crypto.TlsPQCConfig; -import org.bouncycastle.tls.crypto.TlsPQCDomain; +import org.bouncycastle.tls.crypto.TlsKEMConfig; +import org.bouncycastle.tls.crypto.TlsKEMDomain; import org.bouncycastle.tls.crypto.TlsSecret; -public class BcTlsKyberDomain implements TlsPQCDomain +public class BcTlsKyberDomain implements TlsKEMDomain { - public static KyberParameters getKyberParameters(TlsPQCConfig pqcConfig) + public static KyberParameters getKyberParameters(TlsKEMConfig kemConfig) { - switch (pqcConfig.getPQCNamedGroup()) + switch (kemConfig.getKEMNamedGroup()) { case NamedGroup.kyber512: return KyberParameters.kyber512; @@ -33,22 +33,22 @@ public static KyberParameters getKyberParameters(TlsPQCConfig pqcConfig) } protected final BcTlsCrypto crypto; - protected final TlsPQCConfig pqcConfig; + protected final TlsKEMConfig kemConfig; protected final KyberParameters kyberParameters; - public TlsPQCConfig getTlsPQCConfig() + public TlsKEMConfig getTlsKEMConfig() { - return pqcConfig; + return kemConfig; } - public BcTlsKyberDomain(BcTlsCrypto crypto, TlsPQCConfig pqcConfig) + public BcTlsKyberDomain(BcTlsCrypto crypto, TlsKEMConfig kemConfig) { this.crypto = crypto; - this.pqcConfig = pqcConfig; - this.kyberParameters = getKyberParameters(pqcConfig); + this.kemConfig = kemConfig; + this.kyberParameters = getKyberParameters(kemConfig); } - public TlsAgreement createPQC() + public TlsAgreement createKEM() { return new BcTlsKyber(this); } diff --git a/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JcaTlsCrypto.java b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JcaTlsCrypto.java index 33599ba280..b6fcc0331b 100644 --- a/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JcaTlsCrypto.java 
+++ b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JcaTlsCrypto.java @@ -48,8 +48,8 @@ import org.bouncycastle.tls.crypto.TlsECDomain; import org.bouncycastle.tls.crypto.TlsHMAC; import org.bouncycastle.tls.crypto.TlsHash; -import org.bouncycastle.tls.crypto.TlsPQCConfig; -import org.bouncycastle.tls.crypto.TlsPQCDomain; +import org.bouncycastle.tls.crypto.TlsKEMConfig; +import org.bouncycastle.tls.crypto.TlsKEMDomain; import org.bouncycastle.tls.crypto.TlsNonceGenerator; import org.bouncycastle.tls.crypto.TlsSRP6Client; import org.bouncycastle.tls.crypto.TlsSRP6Server; @@ -438,7 +438,7 @@ else if (NamedGroup.refersToASpecificFiniteField(namedGroup)) { return DHUtil.getAlgorithmParameters(this, TlsDHUtils.getNamedDHGroup(namedGroup)); } - else if (NamedGroup.refersToASpecificPQC(namedGroup)) + else if (NamedGroup.refersToASpecificKEM(namedGroup)) { switch (namedGroup) { @@ -572,7 +572,7 @@ public boolean hasECDHAgreement() return true; } - public boolean hasPQCAgreement() + public boolean hasKEMAgreement() { return true; } @@ -841,9 +841,9 @@ public TlsECDomain createECDomain(TlsECConfig ecConfig) } } - public TlsPQCDomain createPQCDomain(TlsPQCConfig pqcConfig) + public TlsKEMDomain createKEMDomain(TlsKEMConfig kemConfig) { - return new JceTlsKyberDomain(this, pqcConfig); + return new JceTlsKyberDomain(this, kemConfig); } public TlsSecret hkdfInit(int cryptoHashAlgorithm) @@ -1170,7 +1170,7 @@ protected Boolean isSupportedNamedGroup(int namedGroup) } } } - else if (NamedGroup.refersToASpecificPQC(namedGroup)) + else if (NamedGroup.refersToASpecificKEM(namedGroup)) { return Boolean.TRUE; } diff --git a/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JceTlsKyber.java b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JceTlsKyber.java index 0e33b70ebf..0d5e4768eb 100644 --- a/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JceTlsKyber.java +++ b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JceTlsKyber.java 
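Review bot: `isSupportedNamedGroup()` now answers `Boolean.TRUE` for every KEM group unconditionally, whereas the JCA-based implementation presumably decides EC/DH support by probing the configured provider (the enclosing branches are outside the hunk). `JceTlsKyberDomain` and `JceTlsKyber` are built directly on the lightweight `org.bouncycastle.pqc.crypto.crystals.kyber` classes rather than on a provider-supplied KEM, so a deployment that restricts itself to a specific JCA provider still gets Kyber from BC's low-level API; if that is intended, a comment at this site such as `// KEM groups are served by the BC lightweight Kyber implementation, independent of the configured JCA provider` would save the next reader a trip through the domain class. The same consideration applies to `createKEMDomain()` and `hasKEMAgreement()` in this file.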
@@ -6,7 +6,6 @@ import org.bouncycastle.pqc.crypto.crystals.kyber.KyberPrivateKeyParameters; import org.bouncycastle.pqc.crypto.crystals.kyber.KyberPublicKeyParameters; import org.bouncycastle.tls.crypto.TlsAgreement; -import org.bouncycastle.tls.crypto.TlsPQCKemMode; import org.bouncycastle.util.Arrays; public class JceTlsKyber implements TlsAgreement @@ -25,41 +24,41 @@ public JceTlsKyber(JceTlsKyberDomain domain) public byte[] generateEphemeral() throws IOException { - if (TlsPQCKemMode.PQC_KEM_CLIENT.equals(domain.getTlsPQCConfig().getTlsPQCKemMode())) + if (domain.getTlsKEMConfig().isServer()) { - this.localKeyPair = domain.generateKeyPair(); - return domain.encodePublicKey((KyberPublicKeyParameters)localKeyPair.getPublic()); + return Arrays.clone(ciphertext); } else { - return Arrays.clone(ciphertext); + this.localKeyPair = domain.generateKeyPair(); + return domain.encodePublicKey((KyberPublicKeyParameters)localKeyPair.getPublic()); } } public void receivePeerValue(byte[] peerValue) throws IOException { - if (TlsPQCKemMode.PQC_KEM_CLIENT.equals(domain.getTlsPQCConfig().getTlsPQCKemMode())) - { - this.ciphertext = Arrays.clone(peerValue); - } - else + if (domain.getTlsKEMConfig().isServer()) { this.peerPublicKey = domain.decodePublicKey(peerValue); SecretWithEncapsulation encap = domain.enCap(peerPublicKey); ciphertext = encap.getEncapsulation(); secret = encap.getSecret(); } + else + { + this.ciphertext = Arrays.clone(peerValue); + } } public JceTlsSecret calculateSecret() throws IOException { - if (TlsPQCKemMode.PQC_KEM_CLIENT.equals(domain.getTlsPQCConfig().getTlsPQCKemMode())) + if (domain.getTlsKEMConfig().isServer()) { - return domain.adoptLocalSecret(domain.deCap((KyberPrivateKeyParameters)localKeyPair.getPrivate(), ciphertext)); + return domain.adoptLocalSecret(secret); } else { - return domain.adoptLocalSecret(secret); + return domain.adoptLocalSecret(domain.deCap((KyberPrivateKeyParameters)localKeyPair.getPrivate(), ciphertext)); } } } 
diff --git a/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JceTlsKyberDomain.java b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JceTlsKyberDomain.java index 879213e504..6f52c7c8e9 100644 --- a/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JceTlsKyberDomain.java +++ b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JceTlsKyberDomain.java @@ -11,14 +11,14 @@ import org.bouncycastle.pqc.crypto.crystals.kyber.KyberPublicKeyParameters; import org.bouncycastle.tls.NamedGroup; import org.bouncycastle.tls.crypto.TlsAgreement; -import org.bouncycastle.tls.crypto.TlsPQCConfig; -import org.bouncycastle.tls.crypto.TlsPQCDomain; +import org.bouncycastle.tls.crypto.TlsKEMConfig; +import org.bouncycastle.tls.crypto.TlsKEMDomain; -public class JceTlsKyberDomain implements TlsPQCDomain +public class JceTlsKyberDomain implements TlsKEMDomain { - public static KyberParameters getKyberParameters(TlsPQCConfig pqcConfig) + public static KyberParameters getKyberParameters(TlsKEMConfig kemConfig) { - switch (pqcConfig.getPQCNamedGroup()) + switch (kemConfig.getKEMNamedGroup()) { case NamedGroup.kyber512: return KyberParameters.kyber512; 
@@ -32,22 +32,22 @@ public static KyberParameters getKyberParameters(TlsPQCConfig pqcConfig) } protected final JcaTlsCrypto crypto; - protected final TlsPQCConfig pqcConfig; + protected final TlsKEMConfig kemConfig; protected final KyberParameters kyberParameters; - public TlsPQCConfig getTlsPQCConfig() + public TlsKEMConfig getTlsKEMConfig() { - return pqcConfig; + return kemConfig; } - public JceTlsKyberDomain(JcaTlsCrypto crypto, TlsPQCConfig pqcConfig) + public JceTlsKyberDomain(JcaTlsCrypto crypto, TlsKEMConfig kemConfig) { this.crypto = crypto; - this.pqcConfig = pqcConfig; - this.kyberParameters = getKyberParameters(pqcConfig); + this.kemConfig = kemConfig; + this.kyberParameters = getKyberParameters(kemConfig); } - public TlsAgreement createPQC() + public TlsAgreement createKEM() { return new JceTlsKyber(this); } From 889147e7c5ec794fb2feca5d52788297ccdb99ac Mon Sep 17 00:00:00 2001 From: Ubuntu Date: Tue, 13 Feb 2024 11:05:52 +0000 Subject: [PATCH 5/7] remove TlsKemMode --- .../main/java/org/bouncycastle/tls/TlsServerProtocol.java | 1 - tls/src/main/java/org/bouncycastle/tls/TlsUtils.java | 1 - .../main/java/org/bouncycastle/tls/crypto/TlsKemMode.java | 7 ------- 3 files changed, 9 deletions(-) delete mode 100644 tls/src/main/java/org/bouncycastle/tls/crypto/TlsKemMode.java diff --git a/tls/src/main/java/org/bouncycastle/tls/TlsServerProtocol.java b/tls/src/main/java/org/bouncycastle/tls/TlsServerProtocol.java index 6ce7c1dd89..ff067d2dd5 100644 --- a/tls/src/main/java/org/bouncycastle/tls/TlsServerProtocol.java +++ b/tls/src/main/java/org/bouncycastle/tls/TlsServerProtocol.java @@ -14,7 +14,6 @@ import org.bouncycastle.tls.crypto.TlsDHConfig; import org.bouncycastle.tls.crypto.TlsECConfig; import org.bouncycastle.tls.crypto.TlsKEMConfig; -import org.bouncycastle.tls.crypto.TlsKemMode; import org.bouncycastle.tls.crypto.TlsSecret; import org.bouncycastle.util.Arrays; 
diff --git a/tls/src/main/java/org/bouncycastle/tls/TlsUtils.java b/tls/src/main/java/org/bouncycastle/tls/TlsUtils.java index 55bbb955e5..00f3305629 100644 --- a/tls/src/main/java/org/bouncycastle/tls/TlsUtils.java +++ b/tls/src/main/java/org/bouncycastle/tls/TlsUtils.java @@ -41,7 +41,6 @@ import org.bouncycastle.tls.crypto.TlsHash; import org.bouncycastle.tls.crypto.TlsHashOutputStream; import org.bouncycastle.tls.crypto.TlsKEMConfig; -import org.bouncycastle.tls.crypto.TlsKemMode; import org.bouncycastle.tls.crypto.TlsSecret; import org.bouncycastle.tls.crypto.TlsStreamSigner; import org.bouncycastle.tls.crypto.TlsStreamVerifier; diff --git a/tls/src/main/java/org/bouncycastle/tls/crypto/TlsKemMode.java b/tls/src/main/java/org/bouncycastle/tls/crypto/TlsKemMode.java deleted file mode 100644 index 6081608b63..0000000000 --- a/tls/src/main/java/org/bouncycastle/tls/crypto/TlsKemMode.java +++ /dev/null @@ -1,7 +0,0 @@ -package org.bouncycastle.tls.crypto; - -public enum TlsKemMode -{ - KEM_CLIENT, - KEM_SERVER, -} From 7d587f0e5c9800085687be406627183b4f62d908 Mon Sep 17 00:00:00 2001 From: Ubuntu Date: Wed, 14 Feb 2024 09:03:03 +0000 Subject: [PATCH 6/7] delete PQC namedGroups from hasAnyECDSA --- .../java/org/bouncycastle/jsse/provider/NamedGroupInfo.java | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/tls/src/main/java/org/bouncycastle/jsse/provider/NamedGroupInfo.java b/tls/src/main/java/org/bouncycastle/jsse/provider/NamedGroupInfo.java index 9cfbb3e5f3..384f203795 100644 --- a/tls/src/main/java/org/bouncycastle/jsse/provider/NamedGroupInfo.java +++ b/tls/src/main/java/org/bouncycastle/jsse/provider/NamedGroupInfo.java 
@@ -554,8 +554,7 @@ private static boolean hasAnyECDSA(Map local)
 {
 for (NamedGroupInfo namedGroupInfo : local.values())
 {
- if (NamedGroup.refersToAnECDSACurve(namedGroupInfo.getNamedGroup())
- || NamedGroup.refersToASpecificKEM(namedGroupInfo.getNamedGroup()))
+ if (NamedGroup.refersToAnECDSACurve(namedGroupInfo.getNamedGroup()))
 {
 return true;
 }
From e9eea5984f9788900c6f8b18e08b37405302040f Mon Sep 17 00:00:00 2001
From: Ubuntu
Date: Wed, 14 Feb 2024 09:59:42 +0000
Subject: [PATCH 7/7] add kem namedGroup test
---
 .../java/org/bouncycastle/jsse/provider/test/BasicTlsTest.java | 1 +
 1 file changed, 1 insertion(+)
diff --git a/tls/src/test/java/org/bouncycastle/jsse/provider/test/BasicTlsTest.java b/tls/src/test/java/org/bouncycastle/jsse/provider/test/BasicTlsTest.java
index de1cbcaee2..03f5bf58a7 100644
--- a/tls/src/test/java/org/bouncycastle/jsse/provider/test/BasicTlsTest.java
+++ b/tls/src/test/java/org/bouncycastle/jsse/provider/test/BasicTlsTest.java
@@ -24,6 +24,7 @@ public class BasicTlsTest
 protected void setUp()
 {
 ProviderUtils.setupLowPriority(false);
+// System.setProperty("jdk.tls.namedGroups", "kyber768");
 }
 
 private static final String HOST = "localhost";
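Review bot: The only line PATCH 7/7 adds to `setUp()` is commented out (`// System.setProperty("jdk.tls.namedGroups", "kyber768");`), so despite the subject "add kem namedGroup test" no KEM group is actually exercised by BasicTlsTest. If a dedicated test is intended, set the property inside that test and restore the previous value afterwards, since `System.setProperty` is process-global and would otherwise leak into the other tests in the suite; otherwise the dead line should be dropped before merge.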