TLS: Alternate ML-KEM key pair generation to allow use of our SecureRandom

peterdettman · peterdettman · commit c7682d150193 · 2025-05-29T01:00:00.000+07:00
diff --git a/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JceTlsMLKemDomain.java b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/JceTlsMLKemDomain.java
@@ -1,6 +1,7 @@
 package org.bouncycastle.tls.crypto.impl.jcajce;
 
 import java.io.IOException;
+import java.security.GeneralSecurityException;
 import java.security.KeyPair;
 import java.security.KeyPairGenerator;
 import java.security.PrivateKey;
@@ -11,6 +12,7 @@
 import org.bouncycastle.jcajce.SecretKeyWithEncapsulation;
 import org.bouncycastle.jcajce.spec.KEMExtractSpec;
 import org.bouncycastle.jcajce.spec.KEMGenerateSpec;
+import org.bouncycastle.jcajce.spec.MLKEMParameterSpec;
 import org.bouncycastle.tls.NamedGroup;
 import org.bouncycastle.tls.crypto.TlsAgreement;
 import org.bouncycastle.tls.crypto.TlsKemConfig;
@@ -43,7 +45,7 @@ public JceTlsSecret decapsulate(PrivateKey privateKey, byte[] ciphertext)
     {
         try
         {
-            KeyGenerator keyGenerator = KemUtil.getKeyGenerator(crypto, kemName);
+            KeyGenerator keyGenerator = crypto.getHelper().createKeyGenerator(kemName);
             keyGenerator.init(new KEMExtractSpec.Builder(privateKey, ciphertext, "DEF", 256).withNoKdf().build());
             SecretKeyWithEncapsulation secEnc = (SecretKeyWithEncapsulation)keyGenerator.generateKey();
             return adoptLocalSecret(secEnc.getEncoded());
@@ -64,7 +66,7 @@ public SecretKeyWithEncapsulation encapsulate(PublicKey publicKey)
     {
         try
         {
-            KeyGenerator keyGenerator = KemUtil.getKeyGenerator(crypto, kemName);
+            KeyGenerator keyGenerator = crypto.getHelper().createKeyGenerator(kemName);
             keyGenerator.init(new KEMGenerateSpec.Builder(publicKey, "DEF", 256).withNoKdf().build());
             return (SecretKeyWithEncapsulation)keyGenerator.generateKey();
         }
@@ -82,20 +84,21 @@ public byte[] encodePublicKey(PublicKey publicKey)
 
     public KeyPair generateKeyPair()
     {
-        // TODO How to pass only the SecureRandom? 
-//        try
-//        {
+        try
+        {
+            // TODO How to pass only the SecureRandom to initialize if we use the full name in the getInstance?
 //            KeyPairGenerator keyPairGenerator = KemUtil.getKeyPairGenerator(crypto, kemName);
 //            keyPairGenerator.initialize((AlgorithmParameterSpec)null, crypto.getSecureRandom());
 //            return keyPairGenerator.generateKeyPair();
-//        }
-//        catch (GeneralSecurityException e)
-//        {
-//            throw Exceptions.illegalStateException("unable to create key pair: " + e.getMessage(), e);
-//        }
 
-        KeyPairGenerator keyPairGenerator = KemUtil.getKeyPairGenerator(crypto, kemName);
-        return keyPairGenerator.generateKeyPair();
+            KeyPairGenerator keyPairGenerator = crypto.getHelper().createKeyPairGenerator("ML-KEM");
+            keyPairGenerator.initialize(MLKEMParameterSpec.fromName(kemName), crypto.getSecureRandom());
+            return keyPairGenerator.generateKeyPair();
+        }
+        catch (GeneralSecurityException e)
+        {
+            throw Exceptions.illegalStateException("unable to create key pair: " + e.getMessage(), e);
+        }
     }
 
     public boolean isServer()
diff --git a/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/KemUtil.java b/tls/src/main/java/org/bouncycastle/tls/crypto/impl/jcajce/KemUtil.java
@@ -116,7 +116,9 @@ static KeyPairGenerator getKeyPairGenerator(JcaTlsCrypto crypto, String kemName)
     {
         try
         {
-            return crypto.getHelper().createKeyPairGenerator(kemName);
+            KeyPairGenerator keyPairGenerator = crypto.getHelper().createKeyPairGenerator("ML-KEM");
+            keyPairGenerator.initialize(MLKEMParameterSpec.fromName(kemName), crypto.getSecureRandom());
+            return keyPairGenerator;
         }
         catch (AssertionError e)
         {
@@ -159,6 +161,6 @@ private static ASN1ObjectIdentifier getAlgorithmOID(String kemName)
             return NISTObjectIdentifiers.id_alg_ml_kem_1024;
         }
 
-        throw Exceptions.illegalArgumentException("unknown kem name " + kemName, null);        
+        throw new IllegalArgumentException("unknown kem name " + kemName);        
     }
 }

Original file line number	Diff line number	Diff line change
`@@ -116,7 +116,9 @@ static KeyPairGenerator getKeyPairGenerator(JcaTlsCrypto crypto, String kemName)`
`116`	`116`	`{`
`117`	`117`	`try`
`118`	`118`	`{`
`119`		`- return crypto.getHelper().createKeyPairGenerator(kemName);`
	`119`	`+ KeyPairGenerator keyPairGenerator = crypto.getHelper().createKeyPairGenerator("ML-KEM");`
	`120`	`+ keyPairGenerator.initialize(MLKEMParameterSpec.fromName(kemName), crypto.getSecureRandom());`
	`121`	`+ return keyPairGenerator;`
`120`	`122`	`}`
`121`	`123`	`catch (AssertionError e)`
`122`	`124`	`{`
`@@ -159,6 +161,6 @@ private static ASN1ObjectIdentifier getAlgorithmOID(String kemName)`
`159`	`161`	`return NISTObjectIdentifiers.id_alg_ml_kem_1024;`
`160`	`162`	`}`
`161`	`163`
`162`		`- throw Exceptions.illegalArgumentException("unknown kem name " + kemName, null);`
	`164`	`+ throw new IllegalArgumentException("unknown kem name " + kemName);`
`163`	`165`	`}`
`164`	`166`	`}`