Adding support for injected algorithms (via InjectionPoint) to the BC PQC provider. PQC algorithms now can be loaded without reflection (useful when compiling with GraalVM native-image).

Author: sergejskozlovics

prov/src/main/java/org/bouncycastle/pqc/jcajce/provider/BouncyCastlePQCProvider.java

@@ -17,6 +17,7 @@
 import org.bouncycastle.jcajce.provider.config.ProviderConfiguration;
 import org.bouncycastle.jcajce.provider.util.AlgorithmProvider;
 import org.bouncycastle.jcajce.provider.util.AsymmetricKeyInfoConverter;
+import org.bouncycastle.tls.injection.InjectionPoint;
 
 public class BouncyCastlePQCProvider
     extends Provider
@@ -43,6 +44,19 @@ public class BouncyCastlePQCProvider
             "Dilithium", "NTRUPrime", "BIKE", "HQC", "Rainbow"
         };
 
+    /**
+     * #tls-injection
+     * ALGORITHM_MAPPING_CLASSES contains real classes corresponding to the names given in ALGORITHMS.
+     * We rely on ALGORITHM_MAPPING_CLASSES when we are unable to load classes by names via reflection
+     * (important, since we cannot rely fully on reflection in NativeImage from GraalVM).
+     * #pqc-tls
+     */
+    private static final Class<?>[] ALGORITHM_MAPPING_CLASSES = {
+            SPHINCS.Mappings.class, LMS.Mappings.class, NH.Mappings.class, XMSS.Mappings.class, SPHINCSPlus.Mappings.class,
+            CMCE.Mappings.class, Frodo.Mappings.class, SABER.Mappings.class, Picnic.Mappings.class, NTRU.Mappings.class, Falcon.Mappings.class, Kyber.Mappings.class,
+            Dilithium.Mappings.class, NTRUPrime.Mappings.class, BIKE.Mappings.class, HQC.Mappings.class, Rainbow.Mappings.class
+    };
+
     /**
      * Construct a new provider.  This should only be required when
      * using runtime registration of the provider using the
@@ -71,21 +85,31 @@ private void loadAlgorithms(String packageName, String[] names)
     {
         for (int i = 0; i != names.length; i++)
         {
-            Class clazz = loadClass(BouncyCastlePQCProvider.class, packageName + names[i] + "$Mappings");
+            Class clazz;
+            if (i<ALGORITHM_MAPPING_CLASSES.length && ALGORITHM_MAPPING_CLASSES[i].getSimpleName().equals(ALGORITHMS[i])) {
+                // if ALGORITHM_CLASSES[i] indeed corresponds to ALGORITHM[i], we do not use reflection #pqc-tls
+                clazz = ALGORITHM_MAPPING_CLASSES[i];
+            }
+            else
+                clazz = loadClass(BouncyCastlePQCProvider.class, packageName + names[i] + "$Mappings");
 
             if (clazz != null)
             {
                 try
                 {
-                    ((AlgorithmProvider)clazz.newInstance()).configure(this);
+                    ((AlgorithmProvider)clazz.getConstructor().newInstance()).configure(this);
+                    // ^^^ replaces deprecated: ((AlgorithmProvider)clazz.newInstance()).configure(this);
                 }
                 catch (Exception e)
                 {   // this should never ever happen!!
                     throw new InternalError("cannot create instance of "
                         + packageName + names[i] + "$Mappings : " + e);
                 }
             }
+
         }
+        // Add also injected algorithms to our provider: #tls-injection
+        InjectionPoint.configureProvider(this);
     }
 
     public void setParameter(String parameterName, Object parameter)