
Unable to use BouncyCastleJSSE for TLS using certificate having ML-DSA key

Open pruthig opened this issue 7 months ago • 2 comments

Hello Team,

I am trying to use the BouncyCastleJSSE provider for TLS communication using a certificate that has an ML-DSA key. I am explicitly setting the TLS version to 1.3, but I am getting the following error:

org.bouncycastle.tls.TlsFatalAlert: handshake_failure(40); [server #1 @335302fd] found no selectable cipher suite among the 4 offered: [{0x13,0x02}(TLS_AES_256_GCM_SHA384), {0x13,0x03}(TLS_CHACHA20_POLY1305_SHA256), {0x13,0x01}(TLS_AES_128_GCM_SHA256), {0x00,0xff}(TLS_EMPTY_RENEGOTIATION_INFO_SCSV)]

Can anybody please assist here?

pruthig avatar Jun 11 '25 07:06 pruthig

Hello @pruthig,

Looks like there isn't a common supported cipher suite. Try adding to the supported cipher suites. If you're using an SSL socket, add the cipher suites using setEnabledCipherSuites() and the TLSv1.3 protocol with setEnabledProtocols().

~ Roy

roy-basmacier avatar Jun 11 '25 16:06 roy-basmacier

In this case the emphasis is probably on selectable cipher suite, the most common reason for which (apart from there being no cipher suites in common) is the absence of suitable credentials.

ML-DSA signature schemes for TLS aren't supported yet; it is a work-in-progress following draft-ietf-tls-mldsa.

peterdettman avatar Jun 11 '25 18:06 peterdettman
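
A diagnostic in the spirit of the last reply, added here as an example that is not part of the thread or of bc-java: it prints the certificate key algorithm of every key entry in a keystore and flags ML-DSA keys, which per that reply have no supported TLS signature scheme yet. The class name, the set of algorithm names and the verdict strings are assumptions of this example; only standard JCA calls are used.

```java
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.util.Collections;
import java.util.Locale;
import java.util.Set;

public class TlsCredentialCheck {
    // JCA key algorithm names that have a TLS 1.3 signature scheme in RFC 8446
    // (rsa_pss_*, ecdsa_*, ed25519, ed448). The name set is an assumption of this example.
    static final Set<String> RFC8446_KEYS =
        Set.of("RSA", "RSASSA-PSS", "EC", "ECDSA", "EDDSA", "ED25519", "ED448");
    // NIST OIDs for ML-DSA-44/65/87: a provider that does not know ML-DSA
    // may report the key algorithm as the bare OID instead of a name.
    static final Set<String> MLDSA_OIDS = Set.of(
        "2.16.840.1.101.3.4.3.17", "2.16.840.1.101.3.4.3.18", "2.16.840.1.101.3.4.3.19");

    static String classify(String keyAlg) {
        String a = keyAlg.toUpperCase(Locale.ROOT);
        if (a.startsWith("ML-DSA") || a.startsWith("MLDSA") || MLDSA_OIDS.contains(a)) {
            return "ML-DSA: no TLS signature scheme yet (draft-ietf-tls-mldsa), not selectable";
        }
        return RFC8446_KEYS.contains(a) ? "has an RFC 8446 signature scheme"
                                        : "unrecognised, check provider support";
    }

    public static void main(String[] args) throws Exception {
        if (args.length < 3) { // no keystore given: run over constructed algorithm names
            for (String alg : new String[] {"EC", "RSA", "ML-DSA-65", "2.16.840.1.101.3.4.3.18"}) {
                System.out.println(alg + " -> " + classify(alg));
            }
            return;
        }
        // usage: java TlsCredentialCheck <keystore> <type, e.g. PKCS12> <password>
        KeyStore ks = KeyStore.getInstance(args[1]);
        try (InputStream in = Files.newInputStream(Paths.get(args[0]))) {
            ks.load(in, args[2].toCharArray());
        }
        for (String alias : Collections.list(ks.aliases())) {
            Certificate cert = ks.getCertificate(alias);
            if (!ks.isKeyEntry(alias) || cert == null) continue; // skip trusted-cert entries
            String alg = cert.getPublicKey().getAlgorithm();
            System.out.println(alias + ": " + alg + " -> " + classify(alg));
        }
    }
}
```

If every key entry is flagged as ML-DSA, the server has no credential it can sign a TLS 1.3 handshake with, which matches the "no selectable cipher suite" alert even though the offered suites overlap.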