update against main

Author: dghgit

tls/src/main/jdk1.4/org/bouncycastle/tls/crypto/impl/jcajce/JcaTlsCrypto.java

@@ -465,8 +465,12 @@ else if (NamedGroup.refersToASpecificFiniteField(namedGroup))
         }
         else if (NamedGroup.refersToASpecificKem(namedGroup))
         {
-            //Note: There is no AlgorithmParametersSpi for ML-KEM
-            return KemUtil.getAlgorithmParameters(this, NamedGroup.getKemName(namedGroup));
+            /*
+             * TODO Return AlgorithmParameters to check against disabled algorithms?
+             *
+             * NOTE: See what the JDK/SunJSSE implementation does.
+             */
+            return null;
         }
 
         throw new IllegalArgumentException("NamedGroup not supported: " + NamedGroup.getText(namedGroup));
@@ -813,6 +817,11 @@ public boolean hasSRPAuthentication()
         return true;
     }
 
+    public TlsSecret createHybridSecret(TlsSecret s1, TlsSecret s2)
+    {
+        return adoptLocalSecret(Arrays.concatenate(s1.extract(), s2.extract()));
+    }
+
     public TlsSecret createSecret(byte[] data)
     {
         try