Refactoring in tls around ML-KEM changes

peterdettman · peterdettman · commit 4da929358631 · 2024-11-17T22:43:31.000+07:00
diff --git a/tls/src/main/java/org/bouncycastle/tls/TlsUtils.java b/tls/src/main/java/org/bouncycastle/tls/TlsUtils.java
@@ -5316,7 +5316,7 @@ static Hashtable addKeyShareToClientHello(TlsClientContext clientContext, TlsCli
         Hashtable clientAgreements = new Hashtable(3);
         Vector clientShares = new Vector(2);
 
-        collectKeyShares(clientContext, supportedGroups, keyShareGroups, clientAgreements, clientShares);
+        collectKeyShares(clientContext.getCrypto(), supportedGroups, keyShareGroups, clientAgreements, clientShares);
 
         // TODO[tls13-psk] When clientShares empty, consider not adding extension if pre_shared_key in use
         TlsExtensionsUtils.addKeyShareClientHello(clientExtensions, clientShares);
@@ -5332,7 +5332,7 @@ static Hashtable addKeyShareToClientHelloRetry(TlsClientContext clientContext, H
         Hashtable clientAgreements = new Hashtable(1, 1.0f);
         Vector clientShares = new Vector(1);
 
-        collectKeyShares(clientContext, supportedGroups, keyShareGroups, clientAgreements, clientShares);
+        collectKeyShares(clientContext.getCrypto(), supportedGroups, keyShareGroups, clientAgreements, clientShares);
 
         TlsExtensionsUtils.addKeyShareClientHello(clientExtensions, clientShares);
 
@@ -5345,10 +5345,9 @@ static Hashtable addKeyShareToClientHelloRetry(TlsClientContext clientContext, H
         return clientAgreements;
     }
 
-    private static void collectKeyShares(TlsClientContext clientContext, int[] supportedGroups, Vector keyShareGroups,
+    private static void collectKeyShares(TlsCrypto crypto, int[] supportedGroups, Vector keyShareGroups,
         Hashtable clientAgreements, Vector clientShares) throws IOException
     {
-        TlsCrypto crypto = clientContext.getCrypto();
         if (isNullOrEmpty(supportedGroups))
         {
             return;
@@ -5444,14 +5443,12 @@ static KeyShareEntry selectKeyShare(TlsCrypto crypto, ProtocolVersion negotiated
                     continue;
                 }
 
-                if ((NamedGroup.refersToAnECDHCurve(group) && !crypto.hasECDHAgreement()) ||
-                    (NamedGroup.refersToASpecificFiniteField(group) && !crypto.hasDHAgreement()) ||
-                    (NamedGroup.refersToASpecificKem(group) && !crypto.hasKemAgreement()))
+                if ((NamedGroup.refersToAnECDHCurve(group) && crypto.hasECDHAgreement()) ||
+                    (NamedGroup.refersToASpecificFiniteField(group) && crypto.hasDHAgreement()) ||
+                    (NamedGroup.refersToASpecificKem(group) && crypto.hasKemAgreement()))
                 {
-                    continue;
+                    return clientShare;
                 }
-
-                return clientShare;
             }
         }
         return null;
@@ -5481,14 +5478,12 @@ static int selectKeyShareGroup(TlsCrypto crypto, ProtocolVersion negotiatedVersi
                     continue;
                 }
 
-                if ((NamedGroup.refersToAnECDHCurve(group) && !crypto.hasECDHAgreement()) ||
-                    (NamedGroup.refersToASpecificFiniteField(group) && !crypto.hasDHAgreement()) ||
-                    (NamedGroup.refersToASpecificKem(group) && !crypto.hasKemAgreement()))
+                if ((NamedGroup.refersToAnECDHCurve(group) && crypto.hasECDHAgreement()) ||
+                    (NamedGroup.refersToASpecificFiniteField(group) && crypto.hasDHAgreement()) ||
+                    (NamedGroup.refersToASpecificKem(group) && crypto.hasKemAgreement()))
                 {
-                    continue;
+                    return group;
                 }
-
-                return group;
             }
         }
         return -1;
diff --git a/tls/src/main/java/org/bouncycastle/tls/crypto/TlsCrypto.java b/tls/src/main/java/org/bouncycastle/tls/crypto/TlsCrypto.java
@@ -69,13 +69,6 @@ public interface TlsCrypto
      */
     boolean hasECDHAgreement();
 
-    /**
-     * Return true if this TlsCrypto can support KEM key agreement.
-     *
-     * @return true if this instance can support KEM key agreement, false otherwise.
-     */
-    boolean hasKemAgreement();
-
     /**
      * Return true if this TlsCrypto can support the passed in block/stream encryption algorithm.
      *
@@ -92,6 +85,13 @@ public interface TlsCrypto
      */
     boolean hasHKDFAlgorithm(int cryptoHashAlgorithm);
 
+    /**
+     * Return true if this TlsCrypto can support KEM key agreement.
+     *
+     * @return true if this instance can support KEM key agreement, false otherwise.
+     */
+    boolean hasKemAgreement();
+
     /**
      * Return true if this TlsCrypto can support the passed in MAC algorithm.
      *
diff --git a/tls/src/main/java/org/bouncycastle/tls/crypto/impl/bc/BcTlsCrypto.java b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/bc/BcTlsCrypto.java
@@ -316,11 +316,6 @@ public boolean hasECDHAgreement()
         return true;
     }
 
-    public boolean hasKemAgreement()
-    {
-        return true;
-    }
-
     public boolean hasEncryptionAlgorithm(int encryptionAlgorithm)
     {
         switch (encryptionAlgorithm)
@@ -379,6 +374,11 @@ public boolean hasHKDFAlgorithm(int cryptoHashAlgorithm)
         }
     }
 
+    public boolean hasKemAgreement()
+    {
+        return true;
+    }
+
     public boolean hasMacAlgorithm(int macAlgorithm)
     {
         switch (macAlgorithm)
diff --git a/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JcaTlsCrypto.java b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JcaTlsCrypto.java
@@ -582,11 +582,6 @@ public boolean hasECDHAgreement()
     {
         return true;
     }
-    
-    public boolean hasKemAgreement()
-    {
-        return true;
-    }
 
     public boolean hasEncryptionAlgorithm(int encryptionAlgorithm)
     {
@@ -636,6 +631,11 @@ public boolean hasHKDFAlgorithm(int cryptoHashAlgorithm)
         }
     }
 
+    public boolean hasKemAgreement()
+    {
+        return true;
+    }
+
     public boolean hasMacAlgorithm(int macAlgorithm)
     {
         switch (macAlgorithm)
diff --git a/tls/src/test/java/org/bouncycastle/tls/test/MockTlsKemClient.java b/tls/src/test/java/org/bouncycastle/tls/test/MockTlsKemClient.java
@@ -33,10 +33,17 @@
 import org.bouncycastle.util.encoders.Hex;
 
 class MockTlsKemClient
-        extends DefaultTlsClient
+    extends DefaultTlsClient
 {
     TlsSession session;
 
+    int[] namedGroups = new int[]
+    {
+        NamedGroup.MLKEM512,
+        NamedGroup.MLKEM768,
+        NamedGroup.MLKEM1024,
+    };
+
     MockTlsKemClient(TlsSession session)
     {
         super(new BcTlsCrypto());
@@ -52,25 +59,19 @@ protected Vector getProtocolNames()
         return protocolNames;
     }
 
-    public int[] supportedGroups = new int[] {
-        NamedGroup.MLKEM512,
-        NamedGroup.MLKEM768,
-        NamedGroup.MLKEM1024,
-    };
-
-    public void setSupportedGroups(int[] supportedGroups)
+    void setNamedGroups(int[] namedGroups)
     {
-        this.supportedGroups = supportedGroups;
+        this.namedGroups = namedGroups;
     }
 
     protected Vector getSupportedGroups(Vector namedGroupRoles) {
         TlsCrypto crypto = getCrypto();
         Vector supportedGroups = new Vector();
 
-        if (namedGroupRoles.contains(Integers.valueOf(NamedGroupRole.kem))) {
-            TlsUtils.addIfSupported(supportedGroups, crypto,
-                    this.supportedGroups);
-        };
+        if (namedGroupRoles.contains(Integers.valueOf(NamedGroupRole.kem)))
+        {
+            TlsUtils.addIfSupported(supportedGroups, crypto, this.namedGroups);
+        }
         return supportedGroups;
     }
 
@@ -82,8 +83,8 @@ public TlsSession getSessionToResume()
     public void notifyAlertRaised(short alertLevel, short alertDescription, String message, Throwable cause)
     {
         PrintStream out = (alertLevel == AlertLevel.fatal) ? System.err : System.out;
-        out.println("TLS client raised alert: " + AlertLevel.getText(alertLevel)
-                + ", " + AlertDescription.getText(alertDescription));
+        out.println("TLS KEM client raised alert: " + AlertLevel.getText(alertLevel)
+            + ", " + AlertDescription.getText(alertDescription));
         if (message != null)
         {
             out.println("> " + message);
@@ -98,7 +99,7 @@ public void notifyAlertReceived(short alertLevel, short alertDescription)
     {
         PrintStream out = (alertLevel == AlertLevel.fatal) ? System.err : System.out;
         out.println("TLS KEM client received alert: " + AlertLevel.getText(alertLevel)
-                + ", " + AlertDescription.getText(alertDescription));
+            + ", " + AlertDescription.getText(alertDescription));
     }
 
     public Hashtable getClientExtensions() throws IOException
@@ -141,24 +142,24 @@ public void notifyServerCertificate(TlsServerCertificate serverCertificate) thro
                     Certificate entry = Certificate.getInstance(chain[i].getEncoded());
                     // TODO Create fingerprint based on certificate signature algorithm digest
                     System.out.println("    fingerprint:SHA-256 " + TlsTestUtils.fingerprint(entry) + " ("
-                            + entry.getSubject() + ")");
+                        + entry.getSubject() + ")");
                 }
 
                 boolean isEmpty = serverCertificate == null || serverCertificate.getCertificate() == null
-                        || serverCertificate.getCertificate().isEmpty();
+                    || serverCertificate.getCertificate().isEmpty();
 
                 if (isEmpty)
                 {
                     throw new TlsFatalAlert(AlertDescription.bad_certificate);
                 }
 
                 String[] trustedCertResources = new String[]{ "x509-server-dsa.pem", "x509-server-ecdh.pem",
-                        "x509-server-ecdsa.pem", "x509-server-ed25519.pem", "x509-server-ed448.pem",
-                        "x509-server-rsa_pss_256.pem", "x509-server-rsa_pss_384.pem", "x509-server-rsa_pss_512.pem",
-                        "x509-server-rsa-enc.pem", "x509-server-rsa-sign.pem" };
+                    "x509-server-ecdsa.pem", "x509-server-ed25519.pem", "x509-server-ed448.pem",
+                    "x509-server-rsa_pss_256.pem", "x509-server-rsa_pss_384.pem", "x509-server-rsa_pss_512.pem",
+                    "x509-server-rsa-enc.pem", "x509-server-rsa-sign.pem" };
 
                 TlsCertificate[] certPath = TlsTestUtils.getTrustedCertPath(context.getCrypto(), chain[0],
-                        trustedCertResources);
+                    trustedCertResources);
 
                 if (null == certPath)
                 {
@@ -177,7 +178,7 @@ public TlsCredentials getClientCredentials(CertificateRequest certificateRequest
                 }
 
                 return TlsTestUtils.loadSignerCredentials(context, certificateRequest.getSupportedSignatureAlgorithms(),
-                        SignatureAlgorithm.rsa, "x509-client-rsa.pem", "x509-client-key-rsa.pem");
+                    SignatureAlgorithm.rsa, "x509-client-rsa.pem", "x509-client-key-rsa.pem");
             }
         };
     }
@@ -189,7 +190,7 @@ public void notifyHandshakeComplete() throws IOException
         ProtocolName protocolName = context.getSecurityParametersConnection().getApplicationProtocol();
         if (protocolName != null)
         {
-            System.out.println("KEM Client ALPN: " + protocolName.getUtf8Decoding());
+            System.out.println("Client ALPN: " + protocolName.getUtf8Decoding());
         }
 
         TlsSession newSession = context.getSession();
@@ -202,11 +203,11 @@ public void notifyHandshakeComplete() throws IOException
 
                 if (this.session != null && Arrays.areEqual(this.session.getSessionID(), newSessionID))
                 {
-                    System.out.println("KEM Client resumed session: " + hex);
+                    System.out.println("Client resumed session: " + hex);
                 }
                 else
                 {
-                    System.out.println("KEM Client established session: " + hex);
+                    System.out.println("Client established session: " + hex);
                 }
 
                 this.session = newSession;
@@ -215,14 +216,14 @@ public void notifyHandshakeComplete() throws IOException
             byte[] tlsServerEndPoint = context.exportChannelBinding(ChannelBinding.tls_server_end_point);
             if (null != tlsServerEndPoint)
             {
-                System.out.println("KEM Client 'tls-server-end-point': " + hex(tlsServerEndPoint));
+                System.out.println("Client 'tls-server-end-point': " + hex(tlsServerEndPoint));
             }
 
             byte[] tlsUnique = context.exportChannelBinding(ChannelBinding.tls_unique);
-            System.out.println("KEM Client 'tls-unique': " + hex(tlsUnique));
+            System.out.println("Client 'tls-unique': " + hex(tlsUnique));
 
             byte[] tlsExporter = context.exportChannelBinding(ChannelBinding.tls_exporter);
-            System.out.println("KEM Client 'tls-exporter': " + hex(tlsExporter));
+            System.out.println("Client 'tls-exporter': " + hex(tlsExporter));
         }
     }
 
@@ -240,4 +241,5 @@ protected String hex(byte[] data)
     {
         return data == null ? "(null)" : Hex.toHexString(data);
     }
-}
+}
+
diff --git a/tls/src/test/java/org/bouncycastle/tls/test/MockTlsKemServer.java b/tls/src/test/java/org/bouncycastle/tls/test/MockTlsKemServer.java
diff --git a/tls/src/test/java/org/bouncycastle/tls/test/TlsProtocolKemTest.java b/tls/src/test/java/org/bouncycastle/tls/test/TlsProtocolKemTest.java

Original file line number	Diff line number	Diff line change
`@@ -5316,7 +5316,7 @@ static Hashtable addKeyShareToClientHello(TlsClientContext clientContext, TlsCli`
`5316`	`5316`	`Hashtable clientAgreements = new Hashtable(3);`
`5317`	`5317`	`Vector clientShares = new Vector(2);`
`5318`	`5318`
`5319`		`- collectKeyShares(clientContext, supportedGroups, keyShareGroups, clientAgreements, clientShares);`
	`5319`	`+ collectKeyShares(clientContext.getCrypto(), supportedGroups, keyShareGroups, clientAgreements, clientShares);`
`5320`	`5320`
`5321`	`5321`	`// TODO[tls13-psk] When clientShares empty, consider not adding extension if pre_shared_key in use`
`5322`	`5322`	`TlsExtensionsUtils.addKeyShareClientHello(clientExtensions, clientShares);`
`@@ -5332,7 +5332,7 @@ static Hashtable addKeyShareToClientHelloRetry(TlsClientContext clientContext, H`
`5332`	`5332`	`Hashtable clientAgreements = new Hashtable(1, 1.0f);`
`5333`	`5333`	`Vector clientShares = new Vector(1);`
`5334`	`5334`
`5335`		`- collectKeyShares(clientContext, supportedGroups, keyShareGroups, clientAgreements, clientShares);`
	`5335`	`+ collectKeyShares(clientContext.getCrypto(), supportedGroups, keyShareGroups, clientAgreements, clientShares);`
`5336`	`5336`
`5337`	`5337`	`TlsExtensionsUtils.addKeyShareClientHello(clientExtensions, clientShares);`
`5338`	`5338`
`@@ -5345,10 +5345,9 @@ static Hashtable addKeyShareToClientHelloRetry(TlsClientContext clientContext, H`
`5345`	`5345`	`return clientAgreements;`
`5346`	`5346`	`}`
`5347`	`5347`
`5348`		`- private static void collectKeyShares(TlsClientContext clientContext, int[] supportedGroups, Vector keyShareGroups,`
	`5348`	`+ private static void collectKeyShares(TlsCrypto crypto, int[] supportedGroups, Vector keyShareGroups,`
`5349`	`5349`	`Hashtable clientAgreements, Vector clientShares) throws IOException`
`5350`	`5350`	`{`
`5351`		`- TlsCrypto crypto = clientContext.getCrypto();`
`5352`	`5351`	`if (isNullOrEmpty(supportedGroups))`
`5353`	`5352`	`{`
`5354`	`5353`	`return;`
`@@ -5444,14 +5443,12 @@ static KeyShareEntry selectKeyShare(TlsCrypto crypto, ProtocolVersion negotiated`
`5444`	`5443`	`continue;`
`5445`	`5444`	`}`
`5446`	`5445`
`5447`		`- if ((NamedGroup.refersToAnECDHCurve(group) && !crypto.hasECDHAgreement()) \|\|`
`5448`		`- (NamedGroup.refersToASpecificFiniteField(group) && !crypto.hasDHAgreement()) \|\|`
`5449`		`- (NamedGroup.refersToASpecificKem(group) && !crypto.hasKemAgreement()))`
	`5446`	`+ if ((NamedGroup.refersToAnECDHCurve(group) && crypto.hasECDHAgreement()) \|\|`
	`5447`	`+ (NamedGroup.refersToASpecificFiniteField(group) && crypto.hasDHAgreement()) \|\|`
	`5448`	`+ (NamedGroup.refersToASpecificKem(group) && crypto.hasKemAgreement()))`
`5450`	`5449`	`{`
`5451`		`- continue;`
	`5450`	`+ return clientShare;`
`5452`	`5451`	`}`
`5453`		`-`
`5454`		`- return clientShare;`
`5455`	`5452`	`}`
`5456`	`5453`	`}`
`5457`	`5454`	`return null;`
`@@ -5481,14 +5478,12 @@ static int selectKeyShareGroup(TlsCrypto crypto, ProtocolVersion negotiatedVersi`
`5481`	`5478`	`continue;`
`5482`	`5479`	`}`
`5483`	`5480`
`5484`		`- if ((NamedGroup.refersToAnECDHCurve(group) && !crypto.hasECDHAgreement()) \|\|`
`5485`		`- (NamedGroup.refersToASpecificFiniteField(group) && !crypto.hasDHAgreement()) \|\|`
`5486`		`- (NamedGroup.refersToASpecificKem(group) && !crypto.hasKemAgreement()))`
	`5481`	`+ if ((NamedGroup.refersToAnECDHCurve(group) && crypto.hasECDHAgreement()) \|\|`
	`5482`	`+ (NamedGroup.refersToASpecificFiniteField(group) && crypto.hasDHAgreement()) \|\|`
	`5483`	`+ (NamedGroup.refersToASpecificKem(group) && crypto.hasKemAgreement()))`
`5487`	`5484`	`{`
`5488`		`- continue;`
	`5485`	`+ return group;`
`5489`	`5486`	`}`
`5490`		`-`
`5491`		`- return group;`
`5492`	`5487`	`}`
`5493`	`5488`	`}`
`5494`	`5489`	`return -1;`
Original file line number	Diff line number	Diff line change
`@@ -316,11 +316,6 @@ public boolean hasECDHAgreement()`
`316`	`316`	`return true;`
`317`	`317`	`}`
`318`	`318`
`319`		`- public boolean hasKemAgreement()`
`320`		`- {`
`321`		`- return true;`
`322`		`- }`
`323`		`-`
`324`	`319`	`public boolean hasEncryptionAlgorithm(int encryptionAlgorithm)`
`325`	`320`	`{`
`326`	`321`	`switch (encryptionAlgorithm)`
`@@ -379,6 +374,11 @@ public boolean hasHKDFAlgorithm(int cryptoHashAlgorithm)`
`379`	`374`	`}`
`380`	`375`	`}`
`381`	`376`
	`377`	`+ public boolean hasKemAgreement()`
	`378`	`+ {`
	`379`	`+ return true;`
	`380`	`+ }`
	`381`	`+`
`382`	`382`	`public boolean hasMacAlgorithm(int macAlgorithm)`
`383`	`383`	`{`
`384`	`384`	`switch (macAlgorithm)`
Original file line number	Diff line number	Diff line change
`@@ -582,11 +582,6 @@ public boolean hasECDHAgreement()`
`582`	`582`	`{`
`583`	`583`	`return true;`
`584`	`584`	`}`
`585`		`-`
`586`		`- public boolean hasKemAgreement()`
`587`		`- {`
`588`		`- return true;`
`589`		`- }`
`590`	`585`
`591`	`586`	`public boolean hasEncryptionAlgorithm(int encryptionAlgorithm)`
`592`	`587`	`{`
`@@ -636,6 +631,11 @@ public boolean hasHKDFAlgorithm(int cryptoHashAlgorithm)`
`636`	`631`	`}`
`637`	`632`	`}`
`638`	`633`
	`634`	`+ public boolean hasKemAgreement()`
	`635`	`+ {`
	`636`	`+ return true;`
	`637`	`+ }`
	`638`	`+`
`639`	`639`	`public boolean hasMacAlgorithm(int macAlgorithm)`
`640`	`640`	`{`
`641`	`641`	`switch (macAlgorithm)`
Original file line number	Diff line number	Diff line change
`@@ -33,10 +33,17 @@`
`33`	`33`	`import org.bouncycastle.util.encoders.Hex;`
`34`	`34`
`35`	`35`	`class MockTlsKemClient`
`36`		`- extends DefaultTlsClient`
	`36`	`+ extends DefaultTlsClient`
`37`	`37`	`{`
`38`	`38`	`TlsSession session;`
`39`	`39`
	`40`	`+ int[] namedGroups = new int[]`
	`41`	`+ {`
	`42`	`+ NamedGroup.MLKEM512,`
	`43`	`+ NamedGroup.MLKEM768,`
	`44`	`+ NamedGroup.MLKEM1024,`
	`45`	`+ };`
	`46`	`+`
`40`	`47`	`MockTlsKemClient(TlsSession session)`
`41`	`48`	`{`
`42`	`49`	`super(new BcTlsCrypto());`
`@@ -52,25 +59,19 @@ protected Vector getProtocolNames()`
`52`	`59`	`return protocolNames;`
`53`	`60`	`}`
`54`	`61`
`55`		`- public int[] supportedGroups = new int[] {`
`56`		`- NamedGroup.MLKEM512,`
`57`		`- NamedGroup.MLKEM768,`
`58`		`- NamedGroup.MLKEM1024,`
`59`		`- };`
`60`		`-`
`61`		`- public void setSupportedGroups(int[] supportedGroups)`
	`62`	`+ void setNamedGroups(int[] namedGroups)`
`62`	`63`	`{`
`63`		`- this.supportedGroups = supportedGroups;`
	`64`	`+ this.namedGroups = namedGroups;`
`64`	`65`	`}`
`65`	`66`
`66`	`67`	`protected Vector getSupportedGroups(Vector namedGroupRoles) {`
`67`	`68`	`TlsCrypto crypto = getCrypto();`
`68`	`69`	`Vector supportedGroups = new Vector();`
`69`	`70`
`70`		`- if (namedGroupRoles.contains(Integers.valueOf(NamedGroupRole.kem))) {`
`71`		`- TlsUtils.addIfSupported(supportedGroups, crypto,`
`72`		`- this.supportedGroups);`
`73`		`- };`
	`71`	`+ if (namedGroupRoles.contains(Integers.valueOf(NamedGroupRole.kem)))`
	`72`	`+ {`
	`73`	`+ TlsUtils.addIfSupported(supportedGroups, crypto, this.namedGroups);`
	`74`	`+ }`
`74`	`75`	`return supportedGroups;`
`75`	`76`	`}`
`76`	`77`
`@@ -82,8 +83,8 @@ public TlsSession getSessionToResume()`
`82`	`83`	`public void notifyAlertRaised(short alertLevel, short alertDescription, String message, Throwable cause)`
`83`	`84`	`{`
`84`	`85`	`PrintStream out = (alertLevel == AlertLevel.fatal) ? System.err : System.out;`
`85`		`- out.println("TLS client raised alert: " + AlertLevel.getText(alertLevel)`
`86`		`- + ", " + AlertDescription.getText(alertDescription));`
	`86`	`+ out.println("TLS KEM client raised alert: " + AlertLevel.getText(alertLevel)`
	`87`	`+ + ", " + AlertDescription.getText(alertDescription));`
`87`	`88`	`if (message != null)`
`88`	`89`	`{`
`89`	`90`	`out.println("> " + message);`
`@@ -98,7 +99,7 @@ public void notifyAlertReceived(short alertLevel, short alertDescription)`
`98`	`99`	`{`
`99`	`100`	`PrintStream out = (alertLevel == AlertLevel.fatal) ? System.err : System.out;`
`100`	`101`	`out.println("TLS KEM client received alert: " + AlertLevel.getText(alertLevel)`
`101`		`- + ", " + AlertDescription.getText(alertDescription));`
	`102`	`+ + ", " + AlertDescription.getText(alertDescription));`
`102`	`103`	`}`
`103`	`104`
`104`	`105`	`public Hashtable getClientExtensions() throws IOException`
`@@ -141,24 +142,24 @@ public void notifyServerCertificate(TlsServerCertificate serverCertificate) thro`
`141`	`142`	`Certificate entry = Certificate.getInstance(chain[i].getEncoded());`
`142`	`143`	`// TODO Create fingerprint based on certificate signature algorithm digest`
`143`	`144`	`System.out.println(" fingerprint:SHA-256 " + TlsTestUtils.fingerprint(entry) + " ("`
`144`		`- + entry.getSubject() + ")");`
	`145`	`+ + entry.getSubject() + ")");`
`145`	`146`	`}`
`146`	`147`
`147`	`148`	`boolean isEmpty = serverCertificate == null \|\| serverCertificate.getCertificate() == null`
`148`		`- \|\| serverCertificate.getCertificate().isEmpty();`
	`149`	`+ \|\| serverCertificate.getCertificate().isEmpty();`
`149`	`150`
`150`	`151`	`if (isEmpty)`
`151`	`152`	`{`
`152`	`153`	`throw new TlsFatalAlert(AlertDescription.bad_certificate);`
`153`	`154`	`}`
`154`	`155`
`155`	`156`	`String[] trustedCertResources = new String[]{ "x509-server-dsa.pem", "x509-server-ecdh.pem",`
`156`		`- "x509-server-ecdsa.pem", "x509-server-ed25519.pem", "x509-server-ed448.pem",`
`157`		`- "x509-server-rsa_pss_256.pem", "x509-server-rsa_pss_384.pem", "x509-server-rsa_pss_512.pem",`
`158`		`- "x509-server-rsa-enc.pem", "x509-server-rsa-sign.pem" };`
	`157`	`+ "x509-server-ecdsa.pem", "x509-server-ed25519.pem", "x509-server-ed448.pem",`
	`158`	`+ "x509-server-rsa_pss_256.pem", "x509-server-rsa_pss_384.pem", "x509-server-rsa_pss_512.pem",`
	`159`	`+ "x509-server-rsa-enc.pem", "x509-server-rsa-sign.pem" };`
`159`	`160`
`160`	`161`	`TlsCertificate[] certPath = TlsTestUtils.getTrustedCertPath(context.getCrypto(), chain[0],`
`161`		`- trustedCertResources);`
	`162`	`+ trustedCertResources);`
`162`	`163`
`163`	`164`	`if (null == certPath)`
`164`	`165`	`{`
`@@ -177,7 +178,7 @@ public TlsCredentials getClientCredentials(CertificateRequest certificateRequest`
`177`	`178`	`}`
`178`	`179`
`179`	`180`	`return TlsTestUtils.loadSignerCredentials(context, certificateRequest.getSupportedSignatureAlgorithms(),`
`180`		`- SignatureAlgorithm.rsa, "x509-client-rsa.pem", "x509-client-key-rsa.pem");`
	`181`	`+ SignatureAlgorithm.rsa, "x509-client-rsa.pem", "x509-client-key-rsa.pem");`
`181`	`182`	`}`
`182`	`183`	`};`
`183`	`184`	`}`
`@@ -189,7 +190,7 @@ public void notifyHandshakeComplete() throws IOException`
`189`	`190`	`ProtocolName protocolName = context.getSecurityParametersConnection().getApplicationProtocol();`
`190`	`191`	`if (protocolName != null)`
`191`	`192`	`{`
`192`		`- System.out.println("KEM Client ALPN: " + protocolName.getUtf8Decoding());`
	`193`	`+ System.out.println("Client ALPN: " + protocolName.getUtf8Decoding());`
`193`	`194`	`}`
`194`	`195`
`195`	`196`	`TlsSession newSession = context.getSession();`
`@@ -202,11 +203,11 @@ public void notifyHandshakeComplete() throws IOException`
`202`	`203`
`203`	`204`	`if (this.session != null && Arrays.areEqual(this.session.getSessionID(), newSessionID))`
`204`	`205`	`{`
`205`		`- System.out.println("KEM Client resumed session: " + hex);`
	`206`	`+ System.out.println("Client resumed session: " + hex);`
`206`	`207`	`}`
`207`	`208`	`else`
`208`	`209`	`{`
`209`		`- System.out.println("KEM Client established session: " + hex);`
	`210`	`+ System.out.println("Client established session: " + hex);`
`210`	`211`	`}`
`211`	`212`
`212`	`213`	`this.session = newSession;`
`@@ -215,14 +216,14 @@ public void notifyHandshakeComplete() throws IOException`
`215`	`216`	`byte[] tlsServerEndPoint = context.exportChannelBinding(ChannelBinding.tls_server_end_point);`
`216`	`217`	`if (null != tlsServerEndPoint)`
`217`	`218`	`{`
`218`		`- System.out.println("KEM Client 'tls-server-end-point': " + hex(tlsServerEndPoint));`
	`219`	`+ System.out.println("Client 'tls-server-end-point': " + hex(tlsServerEndPoint));`
`219`	`220`	`}`
`220`	`221`
`221`	`222`	`byte[] tlsUnique = context.exportChannelBinding(ChannelBinding.tls_unique);`
`222`		`- System.out.println("KEM Client 'tls-unique': " + hex(tlsUnique));`
	`223`	`+ System.out.println("Client 'tls-unique': " + hex(tlsUnique));`
`223`	`224`
`224`	`225`	`byte[] tlsExporter = context.exportChannelBinding(ChannelBinding.tls_exporter);`
`225`		`- System.out.println("KEM Client 'tls-exporter': " + hex(tlsExporter));`
	`226`	`+ System.out.println("Client 'tls-exporter': " + hex(tlsExporter));`
`226`	`227`	`}`
`227`	`228`	`}`
`228`	`229`
`@@ -240,4 +241,5 @@ protected String hex(byte[] data)`
`240`	`241`	`{`
`241`	`242`	`return data == null ? "(null)" : Hex.toHexString(data);`
`242`	`243`	`}`
`243`		`-}`
	`244`	`+}`
	`245`	`+`