Support Generic key algorithms for XDH and ECDH

[JinhangZhang]

No description provided.

[KostasTsiounis]

I think we should use algorithm.equalsIgnoreCase("TlsPremasterSecret") for consistency with later versions.

[jasonkatonica]

Also looks like latest code in main does:

if (!(algorithm.equalsIgnoreCase("TlsPremasterSecret")

So I agree with Kostas here that not only the new check for "Generic" but also the check for TlsPremasterSecret should ignore case.

I think we should directly copy the code exactly as it is in main including whitespace and other changes into this branch in this area such that it matches as close as possible. This makes for easier future maintenance and cherry-picking. For example in main the code looks as follows. Notice the various white-space differences:

    @Override
    protected SecretKey engineGenerateSecret(String algorithm)
            throws IllegalStateException, NoSuchAlgorithmException, InvalidKeyException {
        if (algorithm == null) {
            throw new NoSuchAlgorithmException("Algorithm must not be null");
        }
        if (!(algorithm.equalsIgnoreCase("TlsPremasterSecret")
                || algorithm.equalsIgnoreCase("Generic"))) {
            throw new NoSuchAlgorithmException(
                    "Unsupported secret key algorithm: " + algorithm);
        }
        return new SecretKeySpec(engineGenerateSecret(), algorithm);
    }

Same comment below for the change to XDHKeyAgreement.java

[jasonkatonica]

Is there any reason why we cannot just backport / cherry-pick the change https://github.com/IBM/OpenJCEPlus/pull/573/changes to these previous releases?

[jasonkatonica]

One more question here. Are we sure we want to support "Generic" instead of changing the code to make use of "TlsPremasterSecret" instead on the PQC Java 21 code?

[KostasTsiounis]

Is there any reason why we cannot just backport / cherry-pick the change https://github.com/IBM/OpenJCEPlus/pull/573/changes to these previous releases?

Yeah, I agree that we could do that. The PR includes tests as well. Only thing is that we would also allow it for DH. Are we ok with that?

[KostasTsiounis]

Similar to above.

[jasonkatonica]

Also looks like latest code in main does:

if (!(algorithm.equalsIgnoreCase("TlsPremasterSecret")

So I agree with Kostas here that not only the new check for "Generic" but also the check for TlsPremasterSecret should ignore case.

I think we should directly copy the code exactly as it is in main including whitespace and other changes into this branch in this area such that it matches as close as possible. This makes for easier future maintenance and cherry-picking. For example in main the code looks as follows. Notice the various white-space differences:

    @Override
    protected SecretKey engineGenerateSecret(String algorithm)
            throws IllegalStateException, NoSuchAlgorithmException, InvalidKeyException {
        if (algorithm == null) {
            throw new NoSuchAlgorithmException("Algorithm must not be null");
        }
        if (!(algorithm.equalsIgnoreCase("TlsPremasterSecret")
                || algorithm.equalsIgnoreCase("Generic"))) {
            throw new NoSuchAlgorithmException(
                    "Unsupported secret key algorithm: " + algorithm);
        }
        return new SecretKeySpec(engineGenerateSecret(), algorithm);
    }

Same comment below for the change to XDHKeyAgreement.java