This is an automated email from the ASF dual-hosted git repository.
acosentino pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/camel.git
The following commit(s) were added to refs/heads/main by this push:
new c679053f3a7 CAMEL-22005 - Camel-PQC: Provide default for KEM and
Signature/Verify even for non-standardized algorithms (#17844)
c679053f3a7 is described below
commit c679053f3a7650ae19466d775260f6b9e5d5f43f
Author: Andrea Cosentino <[email protected]>
AuthorDate: Wed Apr 23 14:06:59 2025 +0200
CAMEL-22005 - Camel-PQC: Provide default for KEM and Signature/Verify even
for non-standardized algorithms (#17844)
Signed-off-by: Andrea Cosentino <[email protected]>
---
.../apache/camel/component/pqc/PQCComponent.java | 29 ++++++-
...Material.java => PQCDefaultFalconMaterial.java} | 20 ++---
.../pqc/crypto/PQCDefaultLMSMaterial.java | 6 +-
.../pqc/crypto/PQCDefaultMLDSAMaterial.java | 6 +-
...Material.java => PQCDefaultPicnicMaterial.java} | 20 ++---
...aterial.java => PQCDefaultRainbowMaterial.java} | 20 ++---
.../pqc/crypto/PQCDefaultSLHDSAMaterial.java | 6 +-
.../pqc/crypto/PQCDefaultXMSSMaterial.java | 6 +-
.../PQCDefaultNTRULPRimeMaterial.java} | 37 +++++----
.../PQCDefaultNTRUMaterial.java} | 37 +++++----
...TRUGenerateEncapsulationAESNoAutowiredTest.java | 89 ++++++++++++++++++++++
.../pqc/PQCSignatureFalconNoAutowiredTest.java | 75 ++++++++++++++++++
.../pqc/PQCSignaturePicnicNoAutowiredTest.java | 75 ++++++++++++++++++
.../pqc/PQCSignatureRainbowNoAutowiredTest.java | 76 ++++++++++++++++++
14 files changed, 425 insertions(+), 77 deletions(-)
diff --git
a/components/camel-pqc/src/main/java/org/apache/camel/component/pqc/PQCComponent.java
b/components/camel-pqc/src/main/java/org/apache/camel/component/pqc/PQCComponent.java
index eca95c19d14..c0f672f33e2 100644
---
a/components/camel-pqc/src/main/java/org/apache/camel/component/pqc/PQCComponent.java
+++
b/components/camel-pqc/src/main/java/org/apache/camel/component/pqc/PQCComponent.java
@@ -21,7 +21,14 @@ import java.util.Map;
import org.apache.camel.CamelContext;
import org.apache.camel.Endpoint;
import org.apache.camel.component.pqc.crypto.*;
-import org.apache.camel.component.pqc.crypto.kem.*;
+import org.apache.camel.component.pqc.crypto.kem.PQCDefaultBIKEMaterial;
+import org.apache.camel.component.pqc.crypto.kem.PQCDefaultCMCEMaterial;
+import org.apache.camel.component.pqc.crypto.kem.PQCDefaultFRODOMaterial;
+import org.apache.camel.component.pqc.crypto.kem.PQCDefaultHQCMaterial;
+import org.apache.camel.component.pqc.crypto.kem.PQCDefaultMLKEMMaterial;
+import org.apache.camel.component.pqc.crypto.kem.PQCDefaultNTRULPRimeMaterial;
+import org.apache.camel.component.pqc.crypto.kem.PQCDefaultNTRUMaterial;
+import org.apache.camel.component.pqc.crypto.kem.PQCDefaultSABERMaterial;
import org.apache.camel.spi.Metadata;
import org.apache.camel.spi.annotations.Component;
import org.apache.camel.support.HealthCheckComponent;
@@ -70,6 +77,18 @@ public class PQCComponent extends HealthCheckComponent {
configuration.setSigner(PQCDefaultXMSSMaterial.signer);
configuration.setKeyPair(PQCDefaultXMSSMaterial.keyPair);
break;
+ case "FALCON":
+
configuration.setSigner(PQCDefaultFalconMaterial.signer);
+
configuration.setKeyPair(PQCDefaultFalconMaterial.keyPair);
+ break;
+ case "PICNIC":
+
configuration.setSigner(PQCDefaultPicnicMaterial.signer);
+
configuration.setKeyPair(PQCDefaultPicnicMaterial.keyPair);
+ break;
+ case "RAINBOW":
+
configuration.setSigner(PQCDefaultRainbowMaterial.signer);
+
configuration.setKeyPair(PQCDefaultRainbowMaterial.keyPair);
+ break;
default:
break;
}
@@ -103,6 +122,14 @@ public class PQCComponent extends HealthCheckComponent {
configuration.setKeyGenerator(PQCDefaultFRODOMaterial.keyGenerator);
configuration.setKeyPair(PQCDefaultFRODOMaterial.keyPair);
break;
+ case "NTRU":
+
configuration.setKeyGenerator(PQCDefaultNTRUMaterial.keyGenerator);
+
configuration.setKeyPair(PQCDefaultNTRUMaterial.keyPair);
+ break;
+ case "NTRULPRime":
+
configuration.setKeyGenerator(PQCDefaultNTRULPRimeMaterial.keyGenerator);
+
configuration.setKeyPair(PQCDefaultNTRULPRimeMaterial.keyPair);
+ break;
default:
break;
}
diff --git
a/components/camel-pqc/src/main/java/org/apache/camel/component/pqc/crypto/PQCDefaultMLDSAMaterial.java
b/components/camel-pqc/src/main/java/org/apache/camel/component/pqc/crypto/PQCDefaultFalconMaterial.java
similarity index 70%
copy from
components/camel-pqc/src/main/java/org/apache/camel/component/pqc/crypto/PQCDefaultMLDSAMaterial.java
copy to
components/camel-pqc/src/main/java/org/apache/camel/component/pqc/crypto/PQCDefaultFalconMaterial.java
index 3584582b0ae..79fc840bf9b 100644
---
a/components/camel-pqc/src/main/java/org/apache/camel/component/pqc/crypto/PQCDefaultMLDSAMaterial.java
+++
b/components/camel-pqc/src/main/java/org/apache/camel/component/pqc/crypto/PQCDefaultFalconMaterial.java
@@ -16,17 +16,12 @@
*/
package org.apache.camel.component.pqc.crypto;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.SecureRandom;
-import java.security.Signature;
+import java.security.*;
-import org.bouncycastle.jcajce.spec.MLDSAParameterSpec;
+import org.apache.camel.component.pqc.PQCSignatureAlgorithms;
+import org.bouncycastle.pqc.jcajce.spec.FalconParameterSpec;
-public class PQCDefaultMLDSAMaterial {
+public class PQCDefaultFalconMaterial {
public static final KeyPair keyPair;
public static final Signature signer;
@@ -35,7 +30,7 @@ public class PQCDefaultMLDSAMaterial {
try {
generator = prepareKeyPair();
keyPair = generator.generateKeyPair();
- signer = Signature.getInstance("ML-DSA");
+ signer =
Signature.getInstance(PQCSignatureAlgorithms.FALCON.getAlgorithm());
} catch (Exception e) {
throw new RuntimeException(e);
}
@@ -43,8 +38,9 @@ public class PQCDefaultMLDSAMaterial {
protected static KeyPairGenerator prepareKeyPair()
throws NoSuchAlgorithmException, NoSuchProviderException,
InvalidAlgorithmParameterException {
- KeyPairGenerator kpGen = KeyPairGenerator.getInstance("ML-DSA", "BC");
- kpGen.initialize(MLDSAParameterSpec.ml_dsa_65, new SecureRandom());
+ KeyPairGenerator kpGen =
KeyPairGenerator.getInstance(PQCSignatureAlgorithms.FALCON.getAlgorithm(),
+ PQCSignatureAlgorithms.FALCON.getBcProvider());
+ kpGen.initialize(FalconParameterSpec.falcon_1024);
return kpGen;
}
}
diff --git
a/components/camel-pqc/src/main/java/org/apache/camel/component/pqc/crypto/PQCDefaultLMSMaterial.java
b/components/camel-pqc/src/main/java/org/apache/camel/component/pqc/crypto/PQCDefaultLMSMaterial.java
index 0c9d37c2da4..9863700d317 100644
---
a/components/camel-pqc/src/main/java/org/apache/camel/component/pqc/crypto/PQCDefaultLMSMaterial.java
+++
b/components/camel-pqc/src/main/java/org/apache/camel/component/pqc/crypto/PQCDefaultLMSMaterial.java
@@ -23,6 +23,7 @@ import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Signature;
+import org.apache.camel.component.pqc.PQCSignatureAlgorithms;
import org.bouncycastle.pqc.crypto.lms.LMOtsParameters;
import org.bouncycastle.pqc.crypto.lms.LMSigParameters;
import org.bouncycastle.pqc.jcajce.spec.LMSKeyGenParameterSpec;
@@ -36,7 +37,7 @@ public class PQCDefaultLMSMaterial {
try {
generator = prepareKeyPair();
keyPair = generator.generateKeyPair();
- signer = Signature.getInstance("LMS");
+ signer =
Signature.getInstance(PQCSignatureAlgorithms.LMS.getAlgorithm());
} catch (Exception e) {
throw new RuntimeException(e);
}
@@ -44,7 +45,8 @@ public class PQCDefaultLMSMaterial {
protected static KeyPairGenerator prepareKeyPair()
throws NoSuchAlgorithmException, NoSuchProviderException,
InvalidAlgorithmParameterException {
- KeyPairGenerator kpGen = KeyPairGenerator.getInstance("LMS", "BC");
+ KeyPairGenerator kpGen =
KeyPairGenerator.getInstance(PQCSignatureAlgorithms.LMS.getAlgorithm(),
+ PQCSignatureAlgorithms.LMS.getBcProvider());
kpGen.initialize(new
LMSKeyGenParameterSpec(LMSigParameters.lms_sha256_n32_h5,
LMOtsParameters.sha256_n32_w1));
return kpGen;
}
diff --git
a/components/camel-pqc/src/main/java/org/apache/camel/component/pqc/crypto/PQCDefaultMLDSAMaterial.java
b/components/camel-pqc/src/main/java/org/apache/camel/component/pqc/crypto/PQCDefaultMLDSAMaterial.java
index 3584582b0ae..df61680f877 100644
---
a/components/camel-pqc/src/main/java/org/apache/camel/component/pqc/crypto/PQCDefaultMLDSAMaterial.java
+++
b/components/camel-pqc/src/main/java/org/apache/camel/component/pqc/crypto/PQCDefaultMLDSAMaterial.java
@@ -24,6 +24,7 @@ import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.security.Signature;
+import org.apache.camel.component.pqc.PQCSignatureAlgorithms;
import org.bouncycastle.jcajce.spec.MLDSAParameterSpec;
public class PQCDefaultMLDSAMaterial {
@@ -35,7 +36,7 @@ public class PQCDefaultMLDSAMaterial {
try {
generator = prepareKeyPair();
keyPair = generator.generateKeyPair();
- signer = Signature.getInstance("ML-DSA");
+ signer =
Signature.getInstance(PQCSignatureAlgorithms.MLDSA.getAlgorithm());
} catch (Exception e) {
throw new RuntimeException(e);
}
@@ -43,7 +44,8 @@ public class PQCDefaultMLDSAMaterial {
protected static KeyPairGenerator prepareKeyPair()
throws NoSuchAlgorithmException, NoSuchProviderException,
InvalidAlgorithmParameterException {
- KeyPairGenerator kpGen = KeyPairGenerator.getInstance("ML-DSA", "BC");
+ KeyPairGenerator kpGen =
KeyPairGenerator.getInstance(PQCSignatureAlgorithms.MLDSA.getAlgorithm(),
+ PQCSignatureAlgorithms.MLDSA.getBcProvider());
kpGen.initialize(MLDSAParameterSpec.ml_dsa_65, new SecureRandom());
return kpGen;
}
diff --git
a/components/camel-pqc/src/main/java/org/apache/camel/component/pqc/crypto/PQCDefaultMLDSAMaterial.java
b/components/camel-pqc/src/main/java/org/apache/camel/component/pqc/crypto/PQCDefaultPicnicMaterial.java
similarity index 70%
copy from
components/camel-pqc/src/main/java/org/apache/camel/component/pqc/crypto/PQCDefaultMLDSAMaterial.java
copy to
components/camel-pqc/src/main/java/org/apache/camel/component/pqc/crypto/PQCDefaultPicnicMaterial.java
index 3584582b0ae..ac79b22add9 100644
---
a/components/camel-pqc/src/main/java/org/apache/camel/component/pqc/crypto/PQCDefaultMLDSAMaterial.java
+++
b/components/camel-pqc/src/main/java/org/apache/camel/component/pqc/crypto/PQCDefaultPicnicMaterial.java
@@ -16,17 +16,12 @@
*/
package org.apache.camel.component.pqc.crypto;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.SecureRandom;
-import java.security.Signature;
+import java.security.*;
-import org.bouncycastle.jcajce.spec.MLDSAParameterSpec;
+import org.apache.camel.component.pqc.PQCSignatureAlgorithms;
+import org.bouncycastle.pqc.jcajce.spec.PicnicParameterSpec;
-public class PQCDefaultMLDSAMaterial {
+public class PQCDefaultPicnicMaterial {
public static final KeyPair keyPair;
public static final Signature signer;
@@ -35,7 +30,7 @@ public class PQCDefaultMLDSAMaterial {
try {
generator = prepareKeyPair();
keyPair = generator.generateKeyPair();
- signer = Signature.getInstance("ML-DSA");
+ signer =
Signature.getInstance(PQCSignatureAlgorithms.PICNIC.getAlgorithm());
} catch (Exception e) {
throw new RuntimeException(e);
}
@@ -43,8 +38,9 @@ public class PQCDefaultMLDSAMaterial {
protected static KeyPairGenerator prepareKeyPair()
throws NoSuchAlgorithmException, NoSuchProviderException,
InvalidAlgorithmParameterException {
- KeyPairGenerator kpGen = KeyPairGenerator.getInstance("ML-DSA", "BC");
- kpGen.initialize(MLDSAParameterSpec.ml_dsa_65, new SecureRandom());
+ KeyPairGenerator kpGen =
KeyPairGenerator.getInstance(PQCSignatureAlgorithms.PICNIC.getAlgorithm(),
+ PQCSignatureAlgorithms.PICNIC.getBcProvider());
+ kpGen.initialize(PicnicParameterSpec.picnic3l5);
return kpGen;
}
}
diff --git
a/components/camel-pqc/src/main/java/org/apache/camel/component/pqc/crypto/PQCDefaultMLDSAMaterial.java
b/components/camel-pqc/src/main/java/org/apache/camel/component/pqc/crypto/PQCDefaultRainbowMaterial.java
similarity index 70%
copy from
components/camel-pqc/src/main/java/org/apache/camel/component/pqc/crypto/PQCDefaultMLDSAMaterial.java
copy to
components/camel-pqc/src/main/java/org/apache/camel/component/pqc/crypto/PQCDefaultRainbowMaterial.java
index 3584582b0ae..cb173db50f7 100644
---
a/components/camel-pqc/src/main/java/org/apache/camel/component/pqc/crypto/PQCDefaultMLDSAMaterial.java
+++
b/components/camel-pqc/src/main/java/org/apache/camel/component/pqc/crypto/PQCDefaultRainbowMaterial.java
@@ -16,17 +16,12 @@
*/
package org.apache.camel.component.pqc.crypto;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.SecureRandom;
-import java.security.Signature;
+import java.security.*;
-import org.bouncycastle.jcajce.spec.MLDSAParameterSpec;
+import org.apache.camel.component.pqc.PQCSignatureAlgorithms;
+import org.bouncycastle.pqc.jcajce.spec.RainbowParameterSpec;
-public class PQCDefaultMLDSAMaterial {
+public class PQCDefaultRainbowMaterial {
public static final KeyPair keyPair;
public static final Signature signer;
@@ -35,7 +30,7 @@ public class PQCDefaultMLDSAMaterial {
try {
generator = prepareKeyPair();
keyPair = generator.generateKeyPair();
- signer = Signature.getInstance("ML-DSA");
+ signer =
Signature.getInstance(PQCSignatureAlgorithms.RAINBOW.getAlgorithm());
} catch (Exception e) {
throw new RuntimeException(e);
}
@@ -43,8 +38,9 @@ public class PQCDefaultMLDSAMaterial {
protected static KeyPairGenerator prepareKeyPair()
throws NoSuchAlgorithmException, NoSuchProviderException,
InvalidAlgorithmParameterException {
- KeyPairGenerator kpGen = KeyPairGenerator.getInstance("ML-DSA", "BC");
- kpGen.initialize(MLDSAParameterSpec.ml_dsa_65, new SecureRandom());
+ KeyPairGenerator kpGen =
KeyPairGenerator.getInstance(PQCSignatureAlgorithms.RAINBOW.getAlgorithm(),
+ PQCSignatureAlgorithms.RAINBOW.getBcProvider());
+ kpGen.initialize(RainbowParameterSpec.rainbowVclassic);
return kpGen;
}
}
diff --git
a/components/camel-pqc/src/main/java/org/apache/camel/component/pqc/crypto/PQCDefaultSLHDSAMaterial.java
b/components/camel-pqc/src/main/java/org/apache/camel/component/pqc/crypto/PQCDefaultSLHDSAMaterial.java
index 4d783915556..ba89b3ffb2d 100644
---
a/components/camel-pqc/src/main/java/org/apache/camel/component/pqc/crypto/PQCDefaultSLHDSAMaterial.java
+++
b/components/camel-pqc/src/main/java/org/apache/camel/component/pqc/crypto/PQCDefaultSLHDSAMaterial.java
@@ -24,6 +24,7 @@ import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.security.Signature;
+import org.apache.camel.component.pqc.PQCSignatureAlgorithms;
import org.bouncycastle.jcajce.spec.SLHDSAParameterSpec;
public class PQCDefaultSLHDSAMaterial {
@@ -35,7 +36,7 @@ public class PQCDefaultSLHDSAMaterial {
try {
generator = prepareKeyPair();
keyPair = generator.generateKeyPair();
- signer = Signature.getInstance("SLH-DSA");
+ signer =
Signature.getInstance(PQCSignatureAlgorithms.SLHDSA.getAlgorithm());
} catch (Exception e) {
throw new RuntimeException(e);
}
@@ -43,7 +44,8 @@ public class PQCDefaultSLHDSAMaterial {
protected static KeyPairGenerator prepareKeyPair()
throws NoSuchAlgorithmException, NoSuchProviderException,
InvalidAlgorithmParameterException {
- KeyPairGenerator kpGen = KeyPairGenerator.getInstance("SLH-DSA", "BC");
+ KeyPairGenerator kpGen =
KeyPairGenerator.getInstance(PQCSignatureAlgorithms.SLHDSA.getAlgorithm(),
+ PQCSignatureAlgorithms.SLHDSA.getBcProvider());
kpGen.initialize(SLHDSAParameterSpec.slh_dsa_sha2_128s, new
SecureRandom());
return kpGen;
}
diff --git
a/components/camel-pqc/src/main/java/org/apache/camel/component/pqc/crypto/PQCDefaultXMSSMaterial.java
b/components/camel-pqc/src/main/java/org/apache/camel/component/pqc/crypto/PQCDefaultXMSSMaterial.java
index 48cc6d5e550..f00b19d3413 100644
---
a/components/camel-pqc/src/main/java/org/apache/camel/component/pqc/crypto/PQCDefaultXMSSMaterial.java
+++
b/components/camel-pqc/src/main/java/org/apache/camel/component/pqc/crypto/PQCDefaultXMSSMaterial.java
@@ -24,6 +24,7 @@ import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.security.Signature;
+import org.apache.camel.component.pqc.PQCSignatureAlgorithms;
import org.bouncycastle.pqc.jcajce.spec.XMSSParameterSpec;
public class PQCDefaultXMSSMaterial {
@@ -35,7 +36,7 @@ public class PQCDefaultXMSSMaterial {
try {
generator = prepareKeyPair();
keyPair = generator.generateKeyPair();
- signer = Signature.getInstance("XMSS");
+ signer =
Signature.getInstance(PQCSignatureAlgorithms.XMSS.getAlgorithm());
} catch (Exception e) {
throw new RuntimeException(e);
}
@@ -43,7 +44,8 @@ public class PQCDefaultXMSSMaterial {
protected static KeyPairGenerator prepareKeyPair()
throws NoSuchAlgorithmException, NoSuchProviderException,
InvalidAlgorithmParameterException {
- KeyPairGenerator kpGen = KeyPairGenerator.getInstance("XMSS", "BCPQC");
+ KeyPairGenerator kpGen =
KeyPairGenerator.getInstance(PQCSignatureAlgorithms.XMSS.getAlgorithm(),
+ PQCSignatureAlgorithms.XMSS.getBcProvider());
kpGen.initialize(new XMSSParameterSpec(10, XMSSParameterSpec.SHA256),
new SecureRandom());
return kpGen;
}
diff --git
a/components/camel-pqc/src/main/java/org/apache/camel/component/pqc/crypto/PQCDefaultXMSSMaterial.java
b/components/camel-pqc/src/main/java/org/apache/camel/component/pqc/crypto/kem/PQCDefaultNTRULPRimeMaterial.java
similarity index 53%
copy from
components/camel-pqc/src/main/java/org/apache/camel/component/pqc/crypto/PQCDefaultXMSSMaterial.java
copy to
components/camel-pqc/src/main/java/org/apache/camel/component/pqc/crypto/kem/PQCDefaultNTRULPRimeMaterial.java
index 48cc6d5e550..7b72e5a3309 100644
---
a/components/camel-pqc/src/main/java/org/apache/camel/component/pqc/crypto/PQCDefaultXMSSMaterial.java
+++
b/components/camel-pqc/src/main/java/org/apache/camel/component/pqc/crypto/kem/PQCDefaultNTRULPRimeMaterial.java
@@ -14,28 +14,26 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-package org.apache.camel.component.pqc.crypto;
+package org.apache.camel.component.pqc.crypto.kem;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.SecureRandom;
-import java.security.Signature;
+import java.security.*;
-import org.bouncycastle.pqc.jcajce.spec.XMSSParameterSpec;
+import javax.crypto.KeyGenerator;
+
+import org.apache.camel.component.pqc.PQCKeyEncapsulationAlgorithms;
+import org.bouncycastle.pqc.jcajce.spec.NTRULPRimeParameterSpec;
+
+public class PQCDefaultNTRULPRimeMaterial {
-public class PQCDefaultXMSSMaterial {
public static final KeyPair keyPair;
- public static final Signature signer;
+ public static final KeyGenerator keyGenerator;
+ public static final KeyPairGenerator generator;
static {
- KeyPairGenerator generator;
try {
generator = prepareKeyPair();
keyPair = generator.generateKeyPair();
- signer = Signature.getInstance("XMSS");
+ keyGenerator = prepareKeyGenerator();
} catch (Exception e) {
throw new RuntimeException(e);
}
@@ -43,8 +41,15 @@ public class PQCDefaultXMSSMaterial {
protected static KeyPairGenerator prepareKeyPair()
throws NoSuchAlgorithmException, NoSuchProviderException,
InvalidAlgorithmParameterException {
- KeyPairGenerator kpGen = KeyPairGenerator.getInstance("XMSS", "BCPQC");
- kpGen.initialize(new XMSSParameterSpec(10, XMSSParameterSpec.SHA256),
new SecureRandom());
- return kpGen;
+ KeyPairGenerator kpg =
KeyPairGenerator.getInstance(PQCKeyEncapsulationAlgorithms.NTRULPRime.getAlgorithm(),
+ PQCKeyEncapsulationAlgorithms.NTRULPRime.getBcProvider());
+ kpg.initialize(NTRULPRimeParameterSpec.ntrulpr761, new SecureRandom());
+ return kpg;
+ }
+
+ protected static KeyGenerator prepareKeyGenerator() throws
NoSuchAlgorithmException, NoSuchProviderException {
+ KeyGenerator kg =
KeyGenerator.getInstance(PQCKeyEncapsulationAlgorithms.NTRULPRime.getAlgorithm(),
+ PQCKeyEncapsulationAlgorithms.NTRULPRime.getBcProvider());
+ return kg;
}
}
diff --git
a/components/camel-pqc/src/main/java/org/apache/camel/component/pqc/crypto/PQCDefaultXMSSMaterial.java
b/components/camel-pqc/src/main/java/org/apache/camel/component/pqc/crypto/kem/PQCDefaultNTRUMaterial.java
similarity index 54%
copy from
components/camel-pqc/src/main/java/org/apache/camel/component/pqc/crypto/PQCDefaultXMSSMaterial.java
copy to
components/camel-pqc/src/main/java/org/apache/camel/component/pqc/crypto/kem/PQCDefaultNTRUMaterial.java
index 48cc6d5e550..9cf117d8dc2 100644
---
a/components/camel-pqc/src/main/java/org/apache/camel/component/pqc/crypto/PQCDefaultXMSSMaterial.java
+++
b/components/camel-pqc/src/main/java/org/apache/camel/component/pqc/crypto/kem/PQCDefaultNTRUMaterial.java
@@ -14,28 +14,26 @@
* See the License for the specific language governing permissions and
* limitations under the License.
*/
-package org.apache.camel.component.pqc.crypto;
+package org.apache.camel.component.pqc.crypto.kem;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.SecureRandom;
-import java.security.Signature;
+import java.security.*;
-import org.bouncycastle.pqc.jcajce.spec.XMSSParameterSpec;
+import javax.crypto.KeyGenerator;
+
+import org.apache.camel.component.pqc.PQCKeyEncapsulationAlgorithms;
+import org.bouncycastle.pqc.jcajce.spec.NTRUParameterSpec;
+
+public class PQCDefaultNTRUMaterial {
-public class PQCDefaultXMSSMaterial {
public static final KeyPair keyPair;
- public static final Signature signer;
+ public static final KeyGenerator keyGenerator;
+ public static final KeyPairGenerator generator;
static {
- KeyPairGenerator generator;
try {
generator = prepareKeyPair();
keyPair = generator.generateKeyPair();
- signer = Signature.getInstance("XMSS");
+ keyGenerator = prepareKeyGenerator();
} catch (Exception e) {
throw new RuntimeException(e);
}
@@ -43,8 +41,15 @@ public class PQCDefaultXMSSMaterial {
protected static KeyPairGenerator prepareKeyPair()
throws NoSuchAlgorithmException, NoSuchProviderException,
InvalidAlgorithmParameterException {
- KeyPairGenerator kpGen = KeyPairGenerator.getInstance("XMSS", "BCPQC");
- kpGen.initialize(new XMSSParameterSpec(10, XMSSParameterSpec.SHA256),
new SecureRandom());
- return kpGen;
+ KeyPairGenerator kpg =
KeyPairGenerator.getInstance(PQCKeyEncapsulationAlgorithms.NTRU.getAlgorithm(),
+ PQCKeyEncapsulationAlgorithms.NTRU.getBcProvider());
+ kpg.initialize(NTRUParameterSpec.ntruhps2048509, new SecureRandom());
+ return kpg;
+ }
+
+ protected static KeyGenerator prepareKeyGenerator() throws
NoSuchAlgorithmException, NoSuchProviderException {
+ KeyGenerator kg =
KeyGenerator.getInstance(PQCKeyEncapsulationAlgorithms.NTRU.getAlgorithm(),
+ PQCKeyEncapsulationAlgorithms.NTRU.getBcProvider());
+ return kg;
}
}
diff --git
a/components/camel-pqc/src/test/java/org/apache/camel/component/pqc/PQCNTRUGenerateEncapsulationAESNoAutowiredTest.java
b/components/camel-pqc/src/test/java/org/apache/camel/component/pqc/PQCNTRUGenerateEncapsulationAESNoAutowiredTest.java
new file mode 100644
index 00000000000..efffc0a1336
--- /dev/null
+++
b/components/camel-pqc/src/test/java/org/apache/camel/component/pqc/PQCNTRUGenerateEncapsulationAESNoAutowiredTest.java
@@ -0,0 +1,89 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.component.pqc;
+
+import java.security.NoSuchAlgorithmException;
+import java.security.Security;
+
+import org.apache.camel.EndpointInject;
+import org.apache.camel.Produce;
+import org.apache.camel.ProducerTemplate;
+import org.apache.camel.builder.RouteBuilder;
+import org.apache.camel.component.mock.MockEndpoint;
+import org.apache.camel.test.junit5.CamelTestSupport;
+import org.bouncycastle.jcajce.SecretKeyWithEncapsulation;
+import org.bouncycastle.jce.provider.BouncyCastleProvider;
+import org.bouncycastle.pqc.jcajce.provider.BouncyCastlePQCProvider;
+import org.bouncycastle.util.Arrays;
+import org.junit.jupiter.api.BeforeAll;
+import org.junit.jupiter.api.Test;
+
+import static org.junit.jupiter.api.Assertions.*;
+
+public class PQCNTRUGenerateEncapsulationAESNoAutowiredTest extends
CamelTestSupport {
+
+ @EndpointInject("mock:encapsulate")
+ protected MockEndpoint resultEncapsulate;
+
+ @Produce("direct:encapsulate")
+ protected ProducerTemplate templateEncapsulate;
+
+ @EndpointInject("mock:extract")
+ protected MockEndpoint resultExtract;
+
+ public PQCNTRUGenerateEncapsulationAESNoAutowiredTest() throws
NoSuchAlgorithmException {
+ }
+
+ @Override
+ protected RouteBuilder createRouteBuilder() {
+ return new RouteBuilder() {
+ @Override
+ public void configure() {
+ from("direct:encapsulate").to(
+
"pqc:keyenc?operation=generateSecretKeyEncapsulation&symmetricKeyAlgorithm=AES&keyEncapsulationAlgorithm=NTRU")
+ .to("mock:encapsulate")
+
.to("pqc:keyenc?operation=extractSecretKeyEncapsulation&symmetricKeyAlgorithm=AES&keyEncapsulationAlgorithm=NTRU")
+ .to("mock:extract");
+ }
+ };
+ }
+
+ @BeforeAll
+ public static void startup() throws Exception {
+ Security.addProvider(new BouncyCastleProvider());
+ Security.addProvider(new BouncyCastlePQCProvider());
+ }
+
+ @Test
+ void testSignAndVerify() throws Exception {
+ resultEncapsulate.expectedMessageCount(1);
+ resultExtract.expectedMessageCount(1);
+ templateEncapsulate.sendBody("Hello");
+ resultEncapsulate.assertIsSatisfied();
+
assertNotNull(resultEncapsulate.getExchanges().get(0).getMessage().getBody(SecretKeyWithEncapsulation.class));
+ assertEquals(PQCSymmetricAlgorithms.AES.getAlgorithm(),
+
resultEncapsulate.getExchanges().get(0).getMessage().getBody(SecretKeyWithEncapsulation.class).getAlgorithm());
+ SecretKeyWithEncapsulation secEncrypted
+ =
resultEncapsulate.getExchanges().get(0).getMessage().getBody(SecretKeyWithEncapsulation.class);
+
assertNotNull(resultExtract.getExchanges().get(0).getMessage().getBody(SecretKeyWithEncapsulation.class));
+ assertEquals(PQCSymmetricAlgorithms.AES.getAlgorithm(),
+
resultExtract.getExchanges().get(0).getMessage().getBody(SecretKeyWithEncapsulation.class).getAlgorithm());
+ SecretKeyWithEncapsulation secEncryptedExtracted
+ =
resultExtract.getExchanges().get(0).getMessage().getBody(SecretKeyWithEncapsulation.class);
+ assertTrue(Arrays.areEqual(secEncrypted.getEncoded(),
secEncryptedExtracted.getEncoded()));
+ }
+}
diff --git
a/components/camel-pqc/src/test/java/org/apache/camel/component/pqc/PQCSignatureFalconNoAutowiredTest.java
b/components/camel-pqc/src/test/java/org/apache/camel/component/pqc/PQCSignatureFalconNoAutowiredTest.java
new file mode 100644
index 00000000000..9e8969952c9
--- /dev/null
+++
b/components/camel-pqc/src/test/java/org/apache/camel/component/pqc/PQCSignatureFalconNoAutowiredTest.java
@@ -0,0 +1,75 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.component.pqc;
+
+import java.security.*;
+
+import org.apache.camel.EndpointInject;
+import org.apache.camel.Produce;
+import org.apache.camel.ProducerTemplate;
+import org.apache.camel.builder.RouteBuilder;
+import org.apache.camel.component.mock.MockEndpoint;
+import org.apache.camel.test.junit5.CamelTestSupport;
+import org.bouncycastle.jce.provider.BouncyCastleProvider;
+import org.bouncycastle.pqc.jcajce.provider.BouncyCastlePQCProvider;
+import org.junit.jupiter.api.BeforeAll;
+import org.junit.jupiter.api.Test;
+
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
+public class PQCSignatureFalconNoAutowiredTest extends CamelTestSupport {
+
+ @EndpointInject("mock:sign")
+ protected MockEndpoint resultSign;
+
+ @EndpointInject("mock:verify")
+ protected MockEndpoint resultVerify;
+
+ @Produce("direct:sign")
+ protected ProducerTemplate templateSign;
+
+ public PQCSignatureFalconNoAutowiredTest() throws NoSuchAlgorithmException
{
+ }
+
+ @Override
+ protected RouteBuilder createRouteBuilder() {
+ return new RouteBuilder() {
+ @Override
+ public void configure() {
+
from("direct:sign").to("pqc:sign?operation=sign&signatureAlgorithm=FALCON").to("mock:sign")
+
.to("pqc:verify?operation=verify&signatureAlgorithm=FALCON")
+ .to("mock:verify");
+ }
+ };
+ }
+
+ @BeforeAll
+ public static void startup() throws Exception {
+ Security.addProvider(new BouncyCastleProvider());
+ Security.addProvider(new BouncyCastlePQCProvider());
+ }
+
+ @Test
+ void testSignAndVerify() throws Exception {
+ resultSign.expectedMessageCount(1);
+ resultVerify.expectedMessageCount(1);
+ templateSign.sendBody("Hello");
+ resultSign.assertIsSatisfied();
+ resultVerify.assertIsSatisfied();
+
assertTrue(resultVerify.getExchanges().get(0).getMessage().getHeader(PQCConstants.VERIFY,
Boolean.class));
+ }
+}
diff --git
a/components/camel-pqc/src/test/java/org/apache/camel/component/pqc/PQCSignaturePicnicNoAutowiredTest.java
b/components/camel-pqc/src/test/java/org/apache/camel/component/pqc/PQCSignaturePicnicNoAutowiredTest.java
new file mode 100644
index 00000000000..3526bebf688
--- /dev/null
+++
b/components/camel-pqc/src/test/java/org/apache/camel/component/pqc/PQCSignaturePicnicNoAutowiredTest.java
@@ -0,0 +1,75 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.component.pqc;
+
+import java.security.*;
+
+import org.apache.camel.EndpointInject;
+import org.apache.camel.Produce;
+import org.apache.camel.ProducerTemplate;
+import org.apache.camel.builder.RouteBuilder;
+import org.apache.camel.component.mock.MockEndpoint;
+import org.apache.camel.test.junit5.CamelTestSupport;
+import org.bouncycastle.jce.provider.BouncyCastleProvider;
+import org.bouncycastle.pqc.jcajce.provider.BouncyCastlePQCProvider;
+import org.junit.jupiter.api.BeforeAll;
+import org.junit.jupiter.api.Test;
+
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
+public class PQCSignaturePicnicNoAutowiredTest extends CamelTestSupport {
+
+ @EndpointInject("mock:sign")
+ protected MockEndpoint resultSign;
+
+ @EndpointInject("mock:verify")
+ protected MockEndpoint resultVerify;
+
+ @Produce("direct:sign")
+ protected ProducerTemplate templateSign;
+
+ public PQCSignaturePicnicNoAutowiredTest() throws NoSuchAlgorithmException
{
+ }
+
+ @Override
+ protected RouteBuilder createRouteBuilder() {
+ return new RouteBuilder() {
+ @Override
+ public void configure() {
+
from("direct:sign").to("pqc:sign?operation=sign&signatureAlgorithm=PICNIC").to("mock:sign")
+
.to("pqc:verify?operation=verify&signatureAlgorithm=PICNIC")
+ .to("mock:verify");
+ }
+ };
+ }
+
+ @BeforeAll
+ public static void startup() throws Exception {
+ Security.addProvider(new BouncyCastleProvider());
+ Security.addProvider(new BouncyCastlePQCProvider());
+ }
+
+ @Test
+ void testSignAndVerify() throws Exception {
+ resultSign.expectedMessageCount(1);
+ resultVerify.expectedMessageCount(1);
+ templateSign.sendBody("Hello");
+ resultSign.assertIsSatisfied();
+ resultVerify.assertIsSatisfied();
+
assertTrue(resultVerify.getExchanges().get(0).getMessage().getHeader(PQCConstants.VERIFY,
Boolean.class));
+ }
+}
diff --git
a/components/camel-pqc/src/test/java/org/apache/camel/component/pqc/PQCSignatureRainbowNoAutowiredTest.java
b/components/camel-pqc/src/test/java/org/apache/camel/component/pqc/PQCSignatureRainbowNoAutowiredTest.java
new file mode 100644
index 00000000000..c4f58b39d62
--- /dev/null
+++
b/components/camel-pqc/src/test/java/org/apache/camel/component/pqc/PQCSignatureRainbowNoAutowiredTest.java
@@ -0,0 +1,76 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.camel.component.pqc;
+
+import java.security.NoSuchAlgorithmException;
+import java.security.Security;
+
+import org.apache.camel.EndpointInject;
+import org.apache.camel.Produce;
+import org.apache.camel.ProducerTemplate;
+import org.apache.camel.builder.RouteBuilder;
+import org.apache.camel.component.mock.MockEndpoint;
+import org.apache.camel.test.junit5.CamelTestSupport;
+import org.bouncycastle.jce.provider.BouncyCastleProvider;
+import org.bouncycastle.pqc.jcajce.provider.BouncyCastlePQCProvider;
+import org.junit.jupiter.api.BeforeAll;
+import org.junit.jupiter.api.Test;
+
+import static org.junit.jupiter.api.Assertions.assertTrue;
+
+public class PQCSignatureRainbowNoAutowiredTest extends CamelTestSupport {
+
+ @EndpointInject("mock:sign")
+ protected MockEndpoint resultSign;
+
+ @EndpointInject("mock:verify")
+ protected MockEndpoint resultVerify;
+
+ @Produce("direct:sign")
+ protected ProducerTemplate templateSign;
+
+ public PQCSignatureRainbowNoAutowiredTest() throws
NoSuchAlgorithmException {
+ }
+
+ @Override
+ protected RouteBuilder createRouteBuilder() {
+ return new RouteBuilder() {
+ @Override
+ public void configure() {
+
from("direct:sign").to("pqc:sign?operation=sign&signatureAlgorithm=RAINBOW").to("mock:sign")
+
.to("pqc:verify?operation=verify&signatureAlgorithm=RAINBOW")
+ .to("mock:verify");
+ }
+ };
+ }
+
+ @BeforeAll
+ public static void startup() throws Exception {
+ Security.addProvider(new BouncyCastleProvider());
+ Security.addProvider(new BouncyCastlePQCProvider());
+ }
+
+ @Test
+ void testSignAndVerify() throws Exception {
+ resultSign.expectedMessageCount(1);
+ resultVerify.expectedMessageCount(1);
+ templateSign.sendBody("Hello");
+ resultSign.assertIsSatisfied();
+ resultVerify.assertIsSatisfied();
+
assertTrue(resultVerify.getExchanges().get(0).getMessage().getHeader(PQCConstants.VERIFY,
Boolean.class));
+ }
+}
