Move TODOs in to KemUtil

peterdettman · peterdettman · commit b031bf3ad958 · 2025-05-08T11:21:00.000+07:00
diff --git a/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JcaTlsCrypto.java b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JcaTlsCrypto.java
@@ -447,19 +447,7 @@ else if (NamedGroup.refersToASpecificFiniteField(namedGroup))
         }
         else if (NamedGroup.refersToASpecificKem(namedGroup))
         {
-            switch (namedGroup)
-            {
-            /*
-             * TODO[tls-kem] Return AlgorithmParameters to check against disabled algorithms?
-             */
-            case NamedGroup.OQS_mlkem512:
-            case NamedGroup.OQS_mlkem768:
-            case NamedGroup.OQS_mlkem1024:
-            case NamedGroup.MLKEM512:
-            case NamedGroup.MLKEM768:
-            case NamedGroup.MLKEM1024:
-                return null;
-            }
+        	return KemUtil.getAlgorithmParameters(this, NamedGroup.getKemName(namedGroup));
         }
 
         throw new IllegalArgumentException("NamedGroup not supported: " + NamedGroup.getText(namedGroup));
@@ -1161,9 +1149,7 @@ protected Boolean isSupportedNamedGroup(int namedGroup)
             }
             else if (NamedGroup.refersToASpecificKem(namedGroup))
             {
-                // TODO[tls-kem] When implemented via provider, need to check for support dynamically
-//                return Boolean.valueOf(KemUtil.isKemSupported(this, NamedGroup.getKemName(namedGroup)));
-                return Boolean.TRUE;
+                return Boolean.valueOf(KemUtil.isKemSupported(this, NamedGroup.getKemName(namedGroup)));
             }
             else if (NamedGroup.refersToAnECDSACurve(namedGroup))
             {
diff --git a/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/KemUtil.java b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/KemUtil.java
@@ -1,9 +1,27 @@
 package org.bouncycastle.tls.crypto.impl.jcajce;
 
+import java.security.AlgorithmParameters;
+
 import javax.crypto.Cipher;
 
 class KemUtil
 {
+    static AlgorithmParameters getAlgorithmParameters(JcaTlsCrypto crypto, String kemName)
+    {
+        try
+        {
+             // TODO[tls-kem] Return AlgorithmParameters to check against disabled algorithms?
+        }
+        catch (AssertionError e)
+        {
+        }
+        catch (Exception e)
+        {
+        }
+
+        return null;
+    }
+
     static Cipher getCipher(JcaTlsCrypto crypto, String kemName)
     {
         try
@@ -12,16 +30,18 @@ static Cipher getCipher(JcaTlsCrypto crypto, String kemName)
         }
         catch (AssertionError e)
         {
-            return null;
         }
         catch (Exception e)
         {
-            return null;
         }
+
+        return null;
     }
 
     static boolean isKemSupported(JcaTlsCrypto crypto, String kemName)
     {
-    	return kemName != null && getCipher(crypto, kemName) != null;
+        // TODO[tls-kem] When implemented via provider, need to check for support dynamically
+//    	return kemName != null && getCipher(crypto, kemName) != null;
+    	return true;
     }
 }

Original file line number	Diff line number	Diff line change
`@@ -447,19 +447,7 @@ else if (NamedGroup.refersToASpecificFiniteField(namedGroup))`
`447`	`447`	`}`
`448`	`448`	`else if (NamedGroup.refersToASpecificKem(namedGroup))`
`449`	`449`	`{`
`450`		`- switch (namedGroup)`
`451`		`- {`
`452`		`- /*`
`453`		`- * TODO[tls-kem] Return AlgorithmParameters to check against disabled algorithms?`
`454`		`- */`
`455`		`- case NamedGroup.OQS_mlkem512:`
`456`		`- case NamedGroup.OQS_mlkem768:`
`457`		`- case NamedGroup.OQS_mlkem1024:`
`458`		`- case NamedGroup.MLKEM512:`
`459`		`- case NamedGroup.MLKEM768:`
`460`		`- case NamedGroup.MLKEM1024:`
`461`		`- return null;`
`462`		`- }`
	`450`	`+ return KemUtil.getAlgorithmParameters(this, NamedGroup.getKemName(namedGroup));`
`463`	`451`	`}`
`464`	`452`
`465`	`453`	`throw new IllegalArgumentException("NamedGroup not supported: " + NamedGroup.getText(namedGroup));`
`@@ -1161,9 +1149,7 @@ protected Boolean isSupportedNamedGroup(int namedGroup)`
`1161`	`1149`	`}`
`1162`	`1150`	`else if (NamedGroup.refersToASpecificKem(namedGroup))`
`1163`	`1151`	`{`
`1164`		`- // TODO[tls-kem] When implemented via provider, need to check for support dynamically`
`1165`		`-// return Boolean.valueOf(KemUtil.isKemSupported(this, NamedGroup.getKemName(namedGroup)));`
`1166`		`- return Boolean.TRUE;`
	`1152`	`+ return Boolean.valueOf(KemUtil.isKemSupported(this, NamedGroup.getKemName(namedGroup)));`
`1167`	`1153`	`}`
`1168`	`1154`	`else if (NamedGroup.refersToAnECDSACurve(namedGroup))`
`1169`	`1155`	`{`
Original file line number	Diff line number	Diff line change
`@@ -1,9 +1,27 @@`
`1`	`1`	`package org.bouncycastle.tls.crypto.impl.jcajce;`
`2`	`2`
	`3`	`+import java.security.AlgorithmParameters;`
	`4`	`+`
`3`	`5`	`import javax.crypto.Cipher;`
`4`	`6`
`5`	`7`	`class KemUtil`
`6`	`8`	`{`
	`9`	`+ static AlgorithmParameters getAlgorithmParameters(JcaTlsCrypto crypto, String kemName)`
	`10`	`+ {`
	`11`	`+ try`
	`12`	`+ {`
	`13`	`+ // TODO[tls-kem] Return AlgorithmParameters to check against disabled algorithms?`
	`14`	`+ }`
	`15`	`+ catch (AssertionError e)`
	`16`	`+ {`
	`17`	`+ }`
	`18`	`+ catch (Exception e)`
	`19`	`+ {`
	`20`	`+ }`
	`21`	`+`
	`22`	`+ return null;`
	`23`	`+ }`
	`24`	`+`
`7`	`25`	`static Cipher getCipher(JcaTlsCrypto crypto, String kemName)`
`8`	`26`	`{`
`9`	`27`	`try`
`@@ -12,16 +30,18 @@ static Cipher getCipher(JcaTlsCrypto crypto, String kemName)`
`12`	`30`	`}`
`13`	`31`	`catch (AssertionError e)`
`14`	`32`	`{`
`15`		`- return null;`
`16`	`33`	`}`
`17`	`34`	`catch (Exception e)`
`18`	`35`	`{`
`19`		`- return null;`
`20`	`36`	`}`
	`37`	`+`
	`38`	`+ return null;`
`21`	`39`	`}`
`22`	`40`
`23`	`41`	`static boolean isKemSupported(JcaTlsCrypto crypto, String kemName)`
`24`	`42`	`{`
`25`		`- return kemName != null && getCipher(crypto, kemName) != null;`
	`43`	`+ // TODO[tls-kem] When implemented via provider, need to check for support dynamically`
	`44`	`+// return kemName != null && getCipher(crypto, kemName) != null;`
	`45`	`+ return true;`
`26`	`46`	`}`
`27`	`47`	`}`