JDk 25 Support?

[apupier]

Hello,

I'm wondering what is the current status on Java 25 support.
I found no issue related to it https://github.com/bcgit/bc-java/issues?q=is%3Aissue%20state%3Aopen%20java%2025%20OR%20JDK%2025
I found one commit with partial support available with 1.82 de42702
I found no information to Java support in release notes.

When trying to upgrade to Java 25 the Apache Camel project, we have several failures related to bouncycastle so I'm wondering if the problem is in bouncycastle or if we have something to do on our side. We are using version 1.82 of bouncycastle

Mainly 2 types of errors:

[�[1;31mERROR�[m] org.apache.camel.component.pqc.PQCSignatureMLDSANoAutowiredTest.testSignAndVerify -- Time elapsed: 0.047 s <<< ERROR!
org.apache.camel.CamelExecutionException: Exception occurred during execution on the exchange: Exchange[8CFC3CC570E654B-0000000000000000]
	at org.apache.camel.CamelExecutionException.wrapCamelExecutionException(CamelExecutionException.java:45)
	at org.apache.camel.support.ExchangeHelper.extractResultBody(ExchangeHelper.java:701)
	at org.apache.camel.impl.engine.DefaultProducerTemplate.extractResultBody(DefaultProducerTemplate.java:594)
	at org.apache.camel.impl.engine.DefaultProducerTemplate.extractResultBody(DefaultProducerTemplate.java:590)
	at org.apache.camel.impl.engine.DefaultProducerTemplate.sendBody(DefaultProducerTemplate.java:188)
	at org.apache.camel.impl.engine.DefaultProducerTemplate.sendBody(DefaultProducerTemplate.java:460)
	at org.apache.camel.component.pqc.PQCSignatureMLDSANoAutowiredTest.testSignAndVerify(PQCSignatureMLDSANoAutowiredTest.java:69)
	at java.base/java.lang.reflect.Method.invoke(Method.java:565)
	at java.base/java.util.ArrayList.forEach(ArrayList.java:1604)
	at java.base/java.util.ArrayList.forEach(ArrayList.java:1604)
Caused by: java.security.InvalidKeyException: Cannot parse input
	at java.base/sun.security.pkcs.NamedPKCS8Key.<init>(NamedPKCS8Key.java:95)
	at java.base/sun.security.provider.NamedKeyFactory.fromPKCS8(NamedKeyFactory.java:160)
	at java.base/sun.security.provider.NamedKeyFactory.engineTranslateKey(NamedKeyFactory.java:272)
	at java.base/sun.security.provider.NamedSignature.engineInitSign(NamedSignature.java:96)
	at java.base/java.security.Signature$Delegate.tryOperation(Signature.java:1334)
	at java.base/java.security.Signature$Delegate.chooseProvider(Signature.java:1288)
	at java.base/java.security.Signature$Delegate.engineInitSign(Signature.java:1372)
	at java.base/java.security.Signature.initSign(Signature.java:648)
	at org.apache.camel.component.pqc.PQCProducer.signature(PQCProducer.java:135)
	at org.apache.camel.component.pqc.PQCProducer.process(PQCProducer.java:56)
	at org.apache.camel.support.AsyncProcessorConverterHelper$ProcessorToAsyncProcessorBridge.process(AsyncProcessorConverterHelper.java:65)
	at org.apache.camel.processor.SendProcessor.sendUsingProducer(SendProcessor.java:253)
	at org.apache.camel.processor.SendProcessor.process(SendProcessor.java:158)
	at org.apache.camel.processor.errorhandler.RedeliveryErrorHandler$SimpleTask.handleFirst(RedeliveryErrorHandler.java:440)
	at org.apache.camel.processor.errorhandler.RedeliveryErrorHandler$SimpleTask.run(RedeliveryErrorHandler.java:416)
	at org.apache.camel.impl.engine.DefaultReactiveExecutor$Worker.doRun(DefaultReactiveExecutor.java:199)
	at org.apache.camel.impl.engine.DefaultReactiveExecutor$Worker.executeReactiveWork(DefaultReactiveExecutor.java:189)
	at org.apache.camel.impl.engine.DefaultReactiveExecutor$Worker.tryExecuteReactiveWork(DefaultReactiveExecutor.java:166)
	at org.apache.camel.impl.engine.DefaultReactiveExecutor$Worker.schedule(DefaultReactiveExecutor.java:148)
	at org.apache.camel.impl.engine.DefaultReactiveExecutor.scheduleMain(DefaultReactiveExecutor.java:59)
	at org.apache.camel.processor.Pipeline.process(Pipeline.java:162)
	at org.apache.camel.impl.engine.CamelInternalProcessor.processNonTransacted(CamelInternalProcessor.java:370)
	at org.apache.camel.impl.engine.CamelInternalProcessor.process(CamelInternalProcessor.java:346)
	at org.apache.camel.component.direct.DirectProducer.process(DirectProducer.java:102)
	at org.apache.camel.impl.engine.SharedCamelInternalProcessor.processNonTransacted(SharedCamelInternalProcessor.java:156)
	at org.apache.camel.impl.engine.SharedCamelInternalProcessor.process(SharedCamelInternalProcessor.java:133)
	at org.apache.camel.impl.engine.SharedCamelInternalProcessor$1.process(SharedCamelInternalProcessor.java:89)
	at org.apache.camel.impl.engine.DefaultAsyncProcessorAwaitManager.process(DefaultAsyncProcessorAwaitManager.java:82)
	at org.apache.camel.impl.engine.SharedCamelInternalProcessor.process(SharedCamelInternalProcessor.java:86)
	at org.apache.camel.support.cache.DefaultProducerCache.send(DefaultProducerCache.java:180)
	at org.apache.camel.impl.engine.DefaultProducerTemplate.send(DefaultProducerTemplate.java:175)
	at org.apache.camel.impl.engine.DefaultProducerTemplate.send(DefaultProducerTemplate.java:171)
	at org.apache.camel.impl.engine.DefaultProducerTemplate.send(DefaultProducerTemplate.java:152)
	at org.apache.camel.impl.engine.DefaultProducerTemplate.sendBody(DefaultProducerTemplate.java:186)
	... 5 more
Caused by: java.io.IOException: DER input not an octet string
	at java.base/sun.security.util.DerInputStream.getOctetString(DerInputStream.java:155)
	at java.base/sun.security.pkcs.NamedPKCS8Key.<init>(NamedPKCS8Key.java:93)
	... 38 more

[�[1;31mERROR�[m] org.apache.camel.component.pqc.PQCSignatureMLDSANoAutowiredTest.testSignAndVerify -- Time elapsed: 0.017 s <<< ERROR!
org.apache.camel.CamelExecutionException: Exception occurred during execution on the exchange: Exchange[34182CD8D8B19D1-0000000000000000]
	at org.apache.camel.CamelExecutionException.wrapCamelExecutionException(CamelExecutionException.java:45)
	at org.apache.camel.support.ExchangeHelper.extractResultBody(ExchangeHelper.java:701)
	at org.apache.camel.impl.engine.DefaultProducerTemplate.extractResultBody(DefaultProducerTemplate.java:594)
	at org.apache.camel.impl.engine.DefaultProducerTemplate.extractResultBody(DefaultProducerTemplate.java:590)
	at org.apache.camel.impl.engine.DefaultProducerTemplate.sendBody(DefaultProducerTemplate.java:188)
	at org.apache.camel.impl.engine.DefaultProducerTemplate.sendBody(DefaultProducerTemplate.java:460)
	at org.apache.camel.component.pqc.PQCSignatureMLDSANoAutowiredTest.testSignAndVerify(PQCSignatureMLDSANoAutowiredTest.java:69)
	at java.base/java.lang.reflect.Method.invoke(Method.java:565)
	at java.base/java.util.ArrayList.forEach(ArrayList.java:1604)
	at java.base/java.util.ArrayList.forEach(ArrayList.java:1604)
Caused by: java.security.InvalidKeyException: No installed provider supports this key: org.bouncycastle.jcajce.provider.asymmetric.mldsa.BCMLDSAPrivateKey
	at java.base/java.security.Signature$Delegate.chooseProvider(Signature.java:1315)
	at java.base/java.security.Signature$Delegate.engineInitSign(Signature.java:1372)
	at java.base/java.security.Signature.initSign(Signature.java:648)
	at org.apache.camel.component.pqc.PQCProducer.signature(PQCProducer.java:135)

regards,

[oscerd]

On the Camel side this should solve the tests: apache/camel#19673. What I found is that in JDK 25, there's stricter validation when mixing security providers. The Signature instance is created without specifying a provider (defaulting to JDK's provider), but the keys are generated using BouncyCastle. This causes a key format mismatch. By the way the discussion is still valid IMO and a clarification would really help. Thanks.

[peterdettman]

As @oscerd points out, there is no issue if using a BC Signature instance with a BC PrivateKey. JDK 24 added ML-DSA support, so as you upgrade from (I assume) pre-24 to 25, you hit a situation where the Signature now resolves to the JDK provider instead of BC.

That is a fairly normal situation, and a mechanism called delayed provider selection allows to wait until the key is presented before selecting which provider to use for the SignatureSpi (i.e. the backing implementation of the Signature instance). This mechanism is important for HSM, or otherwise non-exportable, keys. In this case the mechanism fails for two separate reasons:

1. The BC key is exportable in PKCS#8 format, so in principle the JDK SignatureSpi can re-import it and run the Signature operation. However BC supports three different formats for the privateKey field of PrivateKeyInfo(/OneAsymmetricKey), whereas the JDK implementation only supports one (it even appears to assume that the privateKey octets must contain an OCTET STRING encoding) - and not the one BC generates by default. So this fails in trying to parse the exported key. (Technically the private key format BC supports is still only in draft: https://datatracker.ietf.org/doc/draft-ietf-lamps-dilithium-certificates/ - we could expect JDK to support this in due course).

2. The delayed provider selection also finds the BC service, but rejects it because the SPI subclasses Signature itself instead of SignatureSpi (I'm unsure of why this restriction exists). For some reason most of our PQ implementations appear to have that same issue of subclassing Signature (I found at least Falcon, LMS, Mayo, ML-DSA, Picnic, SLH-DSA, SNOVA, XMSS may have problems). I tested a quick fix for ML-DSA (subclassing SignatureSpi instead of Signature) and it resolved the problem with selecting BC as part of delayed provider selection. I'll have to discuss internally to make sure there aren't knock-on effects, but this will probably lead to a solution.

Thanks for bringing this to our attention.

[dghgit]

The SignatureSpi issue should now be addressed in the latest beta on https://downloads.bouncycastle.org/betas Let us know how it goes.