Update tests for new algorithms and message digests. (#1458)

miguelaranda0 · web-flow · commit 6152118c19bf · 2026-01-08T16:59:07.000Z
Another change to get the repos in sync.
diff --git a/common/src/test/java/org/conscrypt/java/security/KeyPairGeneratorTest.java b/common/src/test/java/org/conscrypt/java/security/KeyPairGeneratorTest.java
@@ -152,6 +152,10 @@ private static List<Integer> getKeySizes(String algorithm) throws Exception {
         putKeySize("EC", 521);
         putKeySize("XDH", 255);
         putKeySize("EdDSA", 255);
+        putKeySize("ML-KEM", -1);
+        putKeySize("ML-KEM-512", -1);
+        putKeySize("ML-KEM-768", -1);
+        putKeySize("ML-KEM-1024", -1);
         putKeySize("ML-DSA", -1);
         putKeySize("ML-DSA-44", -1);
         putKeySize("ML-DSA-65", -1);
@@ -184,6 +188,11 @@ private void test_KeyPairGenerator(KeyPairGenerator kpg) throws Exception {
 
         List<Integer> keySizes = getKeySizes(algorithm);
         for (int keySize : keySizes) {
+            if (algorithm.equals("ML-KEM")) {
+                // The generic ML-KEM generator in SunJCE doesn't support initialize(keySize).
+                // The specific named variants like "ML-KEM-512" are tested separately.
+                continue;
+            }
             // TODO(flooey): Remove when we don't support Java 6 anymore
             if ("DSA".equals(algorithm)
                     && ("SUN".equalsIgnoreCase(kpg.getProvider().getName())
@@ -252,6 +261,11 @@ private void test_Key(KeyPairGenerator kpg, Key k) throws Exception {
             // which supported generation of Ed25519 keys before Conscrypt did.
             expectedAlgorithm = "1.3.101.112";
         }
+        if (expectedAlgorithm.startsWith("ML-KEM")) {
+            // The KeyPairGenerator might be "ML-KEM-512", but the key it generates
+            // has the algorithm "ML-KEM".
+            expectedAlgorithm = "ML-KEM";
+        }
         assertEquals(expectedAlgorithm, k.getAlgorithm().toUpperCase(Locale.ROOT));
         if (expectedAlgorithm.equals("DH")) {
             if (k instanceof DHPublicKey) {
@@ -274,6 +288,10 @@ private void test_Key(KeyPairGenerator kpg, Key k) throws Exception {
             // ML-DSA keys are not yet serializable, so just skip them.
             return;
         }
+        if (expectedAlgorithm.equals("ML-KEM")) {
+            // ML-KEM keys are not yet serializable, so just skip them.
+            return;
+        }
         if (expectedAlgorithm.equals("SLH-DSA-SHA2-128S")) {
             // SLH-DSA keys are not yet serializable, so just skip them.
             return;
diff --git a/common/src/test/java/org/conscrypt/java/security/MessageDigestTest.java b/common/src/test/java/org/conscrypt/java/security/MessageDigestTest.java
@@ -169,6 +169,13 @@ private static Map<String, byte[]> getExpectations(String algorithm) throws Exce
             TestUtils.decodeHex(
                 "a69f73cca23a9ac5c8b567dc185a756e97c982164fe25859e0d1dcc1475c80a6"
                     + "15b2123af1f5f94c11e3e9402c3ac558f500199d95b6d3e301758586281dcd26"));
+        putExpectation("SHAKE128-256", INPUT_EMPTY,
+                TestUtils.decodeHex(
+                        "7f9c2ba4e88f827d616045507605853ed73b8093f6efbc88eb1a6eacfa66ef26"));
+        putExpectation("SHAKE256-512", INPUT_EMPTY,
+                TestUtils.decodeHex(
+                        "46b9dd2b0ba88d13233b3feb743eeb243fcd52ea62b81b82b50c27646ed5762f"
+                        + "d75dc4ddd8c0f200cb05019d67b592f6fc821c49479ab48640292eacb3b7c4be"));
 
         // Regression test for a SHA-1 problem with inputs larger than 256 MiB. http://b/4501620
         // In mid-2013 this takes 3 minutes even on the host, so let's not run it on devices.
