Add Check for PQCPrivateKey in Decapsulator and add tests. #1042

johnpeck-us-ibm · 2025-12-11T18:50:51Z

Add Check for PQCPrivateKey in Decapsulator and add tests for invalid keys.

Signed-off-by: John Peck 140550562+johnpeck-us-ibm@users.noreply.github.com

jasonkatonica

Some tests are also failing with the following unused variables:

Error:  /home/runner/work/OpenJCEPlus/OpenJCEPlus/src/test/java/ibm/jceplus/junit/base/BaseTestKEM.java:190:16: Unused local variable 'encr'. [UnusedLocalVariable]
Error:  /home/runner/work/OpenJCEPlus/OpenJCEPlus/src/test/java/ibm/jceplus/junit/base/BaseTestKEM.java:197:16: Unused local variable 'decr'. [UnusedLocalVariable]
Error:  /home/runner/work/OpenJCEPlus/OpenJCEPlus/src/test/java/ibm/jceplus/junit/base/BaseTestKEM.java:208:16: Unused local variable 'encr'. [UnusedLocalVariable]
Error:  /home/runner/work/OpenJCEPlus/OpenJCEPlus/src/test/java/ibm/jceplus/junit/base/BaseTestKEM.java:215:16: Unused local variable 'decr'. [UnusedLocalVariable]

src/main/java/com/ibm/crypto/plus/provider/MLKEMImpl.java

src/test/java/ibm/jceplus/junit/base/BaseTestKEM.java

src/main/java/com/ibm/crypto/plus/provider/MLKEMImpl.java

src/test/java/ibm/jceplus/junit/base/BaseTestKEM.java

src/test/java/ibm/jceplus/junit/base/BaseTestPQCKeyInterop.java

src/main/java/com/ibm/crypto/plus/provider/MLKEMImpl.java

src/test/java/ibm/jceplus/junit/base/BaseTestKEM.java

jasonkatonica

LGTM

src/main/java/com/ibm/crypto/plus/provider/MLKEMImpl.java

src/test/java/ibm/jceplus/junit/base/BaseTestKEM.java

src/main/java/com/ibm/crypto/plus/provider/MLKEMImpl.java

… keys. Signed-off-by: John Peck <140550562+johnpeck-us-ibm@users.noreply.github.com>

KostasTsiounis · 2026-01-16T16:28:13Z

src/test/java/ibm/jceplus/junit/base/BaseTestKEM.java

+
+        try {
+            kem.newDecapsulator(pqcKeyPair.getPrivate());
+            fail("testKEMKeys failed - RSA Private key did not cause an Invalid Key Excepton.");


Just a typo. Saying Invalid Key Excepton instead of InvalidKeyException.

KostasTsiounis · 2026-01-16T16:28:19Z

src/test/java/ibm/jceplus/junit/base/BaseTestKEM.java

+
+        try {
+            kem.newEncapsulator(pqcKeyPair.getPublic());
+            fail("testKEMKeys failed - RSA Public key did not cause an Invalid Key Excepton.");


Just a typo. Saying Invalid Key Excepton instead of InvalidKeyException.

KostasTsiounis · 2026-01-16T16:28:27Z

src/test/java/ibm/jceplus/junit/base/BaseTestKEM.java

+
+        try {
+            kem.newEncapsulator(pub);
+            fail("testKEMKeys failed - NULL Public key did not cause an Invalid Key Excepton.");


Just a typo. Saying Invalid Key Excepton instead of InvalidKeyException.

KostasTsiounis · 2026-01-16T16:28:45Z

src/test/java/ibm/jceplus/junit/base/BaseTestKEM.java

+
+        try {
+            kem.newDecapsulator(priv);
+            fail("testKEMKeys failed - NULL Private key did not cause an Invalid Key Excepton.");


Just a typo. Saying Invalid Key Excepton instead of InvalidKeyException.

KostasTsiounis · 2026-01-16T16:29:29Z

src/test/java/ibm/jceplus/junit/base/BaseTestPQCKeyInterop.java

+
+        if (getProviderName().equals("OpenJCEPlusFIPS") || 
+            getInteropProviderName().equals(Utils.PROVIDER_BC)) {
+            //This is not in the FIPS provider yet and Boucy Castle does not support this test.


BouncyCastle instead of Boucy Castle.

KostasTsiounis · 2026-01-16T16:44:54Z

src/test/java/ibm/jceplus/junit/base/BaseTestPQCKeyInterop.java

+    public void testPQCKeyGenKEMAutoKeyConvertion() throws Exception {
+        String pqcAlgorithm = "ML-KEM-512";
+
+        if (getProviderName().equals("OpenJCEPlusFIPS") || 


We could substitute this with:

assumeFalse("OpenJCEPlusFIPS".equals(getProviderName())); assumeFalse(Utils.PROVIDER_BC.equals(getProviderName()));

johnpeck-us-ibm self-assigned this Dec 11, 2025

johnpeck-us-ibm requested review from JinhangZhang, KostasTsiounis, jasonkatonica and taoliult December 11, 2025 18:53

jasonkatonica reviewed Dec 11, 2025

View reviewed changes

src/main/java/com/ibm/crypto/plus/provider/MLKEMImpl.java Outdated Show resolved Hide resolved

src/test/java/ibm/jceplus/junit/base/BaseTestKEM.java Outdated Show resolved Hide resolved

src/test/java/ibm/jceplus/junit/base/BaseTestKEM.java Outdated Show resolved Hide resolved

jasonkatonica reviewed Dec 11, 2025

View reviewed changes

src/test/java/ibm/jceplus/junit/base/BaseTestKEM.java Outdated Show resolved Hide resolved

johnpeck-us-ibm requested a review from jasonkatonica December 12, 2025 19:07

jasonkatonica requested changes Dec 12, 2025

View reviewed changes

src/main/java/com/ibm/crypto/plus/provider/MLKEMImpl.java Outdated Show resolved Hide resolved

src/main/java/com/ibm/crypto/plus/provider/MLKEMImpl.java Outdated Show resolved Hide resolved

johnpeck-us-ibm requested a review from jasonkatonica December 15, 2025 17:30

jasonkatonica requested changes Dec 15, 2025

View reviewed changes

src/test/java/ibm/jceplus/junit/base/BaseTestKEM.java Outdated Show resolved Hide resolved

src/test/java/ibm/jceplus/junit/base/BaseTestKEM.java Outdated Show resolved Hide resolved

johnpeck-us-ibm force-pushed the PQCKEMPrivKeyCheck branch from e85ad9f to 990a310 Compare December 15, 2025 21:52

jasonkatonica self-requested a review December 15, 2025 21:54

jasonkatonica approved these changes Dec 15, 2025

View reviewed changes

KostasTsiounis requested changes Dec 15, 2025

View reviewed changes

src/main/java/com/ibm/crypto/plus/provider/MLKEMImpl.java Outdated Show resolved Hide resolved

src/main/java/com/ibm/crypto/plus/provider/MLKEMImpl.java Outdated Show resolved Hide resolved

src/test/java/ibm/jceplus/junit/base/BaseTestKEM.java Show resolved Hide resolved

johnpeck-us-ibm force-pushed the PQCKEMPrivKeyCheck branch from f455242 to ccf3001 Compare December 16, 2025 20:44

johnpeck-us-ibm requested a review from KostasTsiounis December 16, 2025 20:46

johnpeck-us-ibm closed this Jan 8, 2026

johnpeck-us-ibm deleted the PQCKEMPrivKeyCheck branch January 8, 2026 16:53

johnpeck-us-ibm restored the PQCKEMPrivKeyCheck branch January 8, 2026 21:51

johnpeck-us-ibm reopened this Jan 8, 2026

KostasTsiounis requested changes Jan 12, 2026

View reviewed changes

src/main/java/com/ibm/crypto/plus/provider/MLKEMImpl.java Outdated Show resolved Hide resolved

src/main/java/com/ibm/crypto/plus/provider/MLKEMImpl.java Outdated Show resolved Hide resolved

johnpeck-us-ibm force-pushed the PQCKEMPrivKeyCheck branch from fd780cf to 8ff682c Compare January 12, 2026 20:50

johnpeck-us-ibm requested a review from KostasTsiounis January 12, 2026 20:51

johnpeck-us-ibm force-pushed the PQCKEMPrivKeyCheck branch from aaaffcf to 7ec7db1 Compare January 16, 2026 15:59

Add Check for PQCPrivateKey in Decapsulator and add tests for invalid…

fdd1142

… keys. Signed-off-by: John Peck <140550562+johnpeck-us-ibm@users.noreply.github.com>

johnpeck-us-ibm force-pushed the PQCKEMPrivKeyCheck branch from 7ec7db1 to fdd1142 Compare January 16, 2026 16:02

KostasTsiounis requested changes Jan 16, 2026

View reviewed changes

Add Check for PQCPrivateKey in Decapsulator and add tests. #1042

Are you sure you want to change the base?

Add Check for PQCPrivateKey in Decapsulator and add tests. #1042

Conversation

johnpeck-us-ibm commented Dec 11, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

jasonkatonica left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

jasonkatonica left a comment

Choose a reason for hiding this comment

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Uh oh!

KostasTsiounis Jan 16, 2026

Choose a reason for hiding this comment

Uh oh!

KostasTsiounis Jan 16, 2026

Choose a reason for hiding this comment

Uh oh!

KostasTsiounis Jan 16, 2026

Choose a reason for hiding this comment

Uh oh!

KostasTsiounis Jan 16, 2026

Choose a reason for hiding this comment

Uh oh!

KostasTsiounis Jan 16, 2026

Choose a reason for hiding this comment

Uh oh!

KostasTsiounis Jan 16, 2026

Choose a reason for hiding this comment

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

johnpeck-us-ibm commented Dec 11, 2025 •

edited

Loading