Skip to content

PQC test of http extension#8507

Open
JiriOndrusek wants to merge 1 commit intoapache:mainfrom
JiriOndrusek:pqc-http-poc-08
Open

PQC test of http extension#8507
JiriOndrusek wants to merge 1 commit intoapache:mainfrom
JiriOndrusek:pqc-http-poc-08

Conversation

@JiriOndrusek
Copy link
Copy Markdown
Contributor

@JiriOndrusek JiriOndrusek commented Apr 7, 2026

related to #8497

Add Post-Quantum Cryptography (PQC) hybrid approach test coverage for HTTP component

Implements hybrid RSA+ML-DSA certificate validation for HTTP component using BouncyCastle JSSE
provider. Adds new pqc-certificate-generator test support module for generating hybrid certificates
following BC Almanac Chimera pattern (page 6).

Key changes:

  • New test infrastructure: integration-tests-support/pqc-certificate-generator module
  • Hybrid certificate generation using NIST-standardized ML-DSA algorithms (FIPS 204)
  • HTTP integration test with nginx serving hybrid certificates
  • Custom HybridCertificateTrustManager validating both RSA and ML-DSA signatures
  • Standard TLS 1.3 handshake with application-level PQC validation

Technical approach:

  • Uses standard TLS with hybrid X.509 certificates (RSA + ML-DSA keys via extensions)
  • Compatible with any TLS 1.3 server (no OQS/protocol modifications needed)
  • Client-side validation via @PQCCertificates JUnit extension

@JiriOndrusek JiriOndrusek changed the title pqc http [camel-main] PQC test of htpp extension Apr 7, 2026
@JiriOndrusek JiriOndrusek changed the title [camel-main] PQC test of htpp extension [camel-main] PQC test of http extension Apr 7, 2026
@github-actions github-actions Bot force-pushed the camel-main branch 2 times, most recently from 927aec0 to 0ad2a25 Compare April 14, 2026 02:29
@jamesnetherton
Copy link
Copy Markdown
Contributor

jamesnetherton commented Apr 16, 2026

@JiriOndrusek You can probably rebase on main to get this merged.

@JiriOndrusek
Copy link
Copy Markdown
Contributor Author

JiriOndrusek commented Apr 16, 2026

I'm going to do that, probably will check the code as well, to align with the new example added in apache/camel-quarkus-examples#494

@JiriOndrusek JiriOndrusek changed the base branch from camel-main to main April 17, 2026 13:47
@JiriOndrusek JiriOndrusek marked this pull request as ready for review April 17, 2026 13:47
@JiriOndrusek
Copy link
Copy Markdown
Contributor Author

JiriOndrusek commented Apr 17, 2026

I rebased the PR and refactred it to be compliant with pqc-http example.
But there are possible more simplifications of the example after this Pr is merged. i reported them as #8550

@jamesnetherton jamesnetherton changed the title [camel-main] PQC test of http extension PQC test of http extension Apr 17, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@JiriOndrusek @jamesnetherton