From 9855fd9d23554c498cfed078ec5bb907f7e0b9a9 Mon Sep 17 00:00:00 2001
From: hmdrz <hmdrzsharifi@gmail.com>
Date: Fri, 7 Nov 2025 17:05:42 +0330
Subject: [PATCH 1/5] #BAEL-6958: add KemUtils main source

---
 .../main/java/com/baeldung/kem/KemUtils.java  | 27 +++++++++++++++++++
 1 file changed, 27 insertions(+)
 create mode 100644 core-java-modules/core-java-security-5/src/main/java/com/baeldung/kem/KemUtils.java

diff --git a/core-java-modules/core-java-security-5/src/main/java/com/baeldung/kem/KemUtils.java b/core-java-modules/core-java-security-5/src/main/java/com/baeldung/kem/KemUtils.java
new file mode 100644
index 000000000000..8b6492f4c8cf
--- /dev/null
+++ b/core-java-modules/core-java-security-5/src/main/java/com/baeldung/kem/KemUtils.java
@@ -0,0 +1,27 @@
+package com.baeldung.kem;
+
+import java.security.PrivateKey;
+import java.security.PublicKey;
+
+import javax.crypto.KEM;
+import javax.crypto.SecretKey;
+
+public class KemUtils {
+
+    public record KemResult(SecretKey sharedSecret, byte[] encapsulation) {}
+
+    public static KemResult encapsulate(String algorithm, PublicKey publicKey) throws Exception {
+        KEM kem = KEM.getInstance(algorithm);
+        KEM.Encapsulator encapsulator = kem.newEncapsulator(publicKey);
+        KEM.Encapsulated result = encapsulator.encapsulate();
+        return new KemResult(result.key(), result.encapsulation());
+    }
+
+    public static KemResult decapsulate(String algorithm, PrivateKey privateKey, byte[] encapsulation) throws Exception {
+        KEM kem = KEM.getInstance(algorithm);
+        KEM.Decapsulator decapsulator = kem.newDecapsulator(privateKey);
+        SecretKey recoveredSecret = decapsulator.decapsulate(encapsulation);
+        return new KemResult(recoveredSecret, encapsulation);
+    }
+
+}

From f6134b237e3d023bbcaaff0b1d5a8ee5b1141992 Mon Sep 17 00:00:00 2001
From: hmdrz <hmdrzsharifi@gmail.com>
Date: Fri, 7 Nov 2025 17:05:59 +0330
Subject: [PATCH 2/5] #BAEL-6958: add test source

---
 .../baeldung/kem/KemUtilsIntegrationTest.java | 52 +++++++++++++++++++
 1 file changed, 52 insertions(+)
 create mode 100644 core-java-modules/core-java-security-5/src/test/java/com/baeldung/kem/KemUtilsIntegrationTest.java

diff --git a/core-java-modules/core-java-security-5/src/test/java/com/baeldung/kem/KemUtilsIntegrationTest.java b/core-java-modules/core-java-security-5/src/test/java/com/baeldung/kem/KemUtilsIntegrationTest.java
new file mode 100644
index 000000000000..fddcb24bbeb4
--- /dev/null
+++ b/core-java-modules/core-java-security-5/src/test/java/com/baeldung/kem/KemUtilsIntegrationTest.java
@@ -0,0 +1,52 @@
+package com.baeldung.kem;
+
+import static org.junit.jupiter.api.Assertions.assertArrayEquals;
+import static org.junit.jupiter.api.Assertions.assertNotNull;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+
+import javax.crypto.SecretKey;
+
+import org.junit.jupiter.api.BeforeAll;
+import org.junit.jupiter.api.Test;
+
+public class KemUtilsIntegrationTest {
+    private static KeyPair keyPair;
+    public static final String KEM_ALGORITHM = "DHKEM";
+
+
+    @BeforeAll
+    static void setup() throws Exception {
+        KeyPairGenerator kpg = KeyPairGenerator.getInstance("X25519");
+        keyPair = kpg.generateKeyPair();
+    }
+
+    @Test
+    void givenKem_whenSenderEncapsulatesAndReceiverDecapsulates_thenSecretsMatch() throws Exception {
+        KemUtils.KemResult senderResult = KemUtils.encapsulate(KEM_ALGORITHM, keyPair.getPublic());
+        assertNotNull(senderResult.sharedSecret());
+        assertNotNull(senderResult.encapsulation());
+
+        KemUtils.KemResult receiverResult = KemUtils.decapsulate(KEM_ALGORITHM, keyPair.getPrivate(), senderResult.encapsulation());
+
+        SecretKey senderSecret = senderResult.sharedSecret();
+        SecretKey receiverSecret = receiverResult.sharedSecret();
+
+        assertArrayEquals(senderSecret.getEncoded(), receiverSecret.getEncoded(),
+            "Shared secrets from sender and receiver must match");
+    }
+
+    @Test
+    void givenDifferentReceiverKey_whenDecapsulate_thenFails() throws Exception {
+        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
+        KeyPair wrongKeyPair = kpg.generateKeyPair();
+
+        KemUtils.KemResult senderResult = KemUtils.encapsulate(KEM_ALGORITHM, keyPair.getPublic());
+
+        assertThrows(Exception.class, () ->
+            KemUtils.decapsulate(KEM_ALGORITHM, wrongKeyPair.getPrivate(), senderResult.encapsulation()));
+    }
+
+}

From 19a52922c10ff7f89919abcef06abd9d6e18b7e9 Mon Sep 17 00:00:00 2001
From: hmdrz <hmdrzsharifi@gmail.com>
Date: Fri, 7 Nov 2025 17:06:16 +0330
Subject: [PATCH 3/5] #BAEL-6958: add Java 21 support

---
 core-java-modules/core-java-security-5/pom.xml | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/core-java-modules/core-java-security-5/pom.xml b/core-java-modules/core-java-security-5/pom.xml
index 6a435207e6fb..9053a1b0f021 100644
--- a/core-java-modules/core-java-security-5/pom.xml
+++ b/core-java-modules/core-java-security-5/pom.xml
@@ -30,6 +30,14 @@
                     </environmentVariables>
                 </configuration>
             </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-compiler-plugin</artifactId>
+                <configuration>
+                    <source>21</source>
+                    <target>21</target>
+                </configuration>
+            </plugin>
         </plugins>
     </build>
 

From e059aa7106c6e5ebf8f644aa57e1072338d08dec Mon Sep 17 00:00:00 2001
From: hmdrz <hmdrzsharifi@gmail.com>
Date: Tue, 11 Nov 2025 00:12:14 +0330
Subject: [PATCH 4/5] #BAEL-6958: reformat code

---
 .../src/main/java/com/baeldung/kem/KemUtils.java               | 3 ++-
 .../test/java/com/baeldung/kem/KemUtilsIntegrationTest.java    | 3 ++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/core-java-modules/core-java-security-5/src/main/java/com/baeldung/kem/KemUtils.java b/core-java-modules/core-java-security-5/src/main/java/com/baeldung/kem/KemUtils.java
index 8b6492f4c8cf..2d8bbc19998b 100644
--- a/core-java-modules/core-java-security-5/src/main/java/com/baeldung/kem/KemUtils.java
+++ b/core-java-modules/core-java-security-5/src/main/java/com/baeldung/kem/KemUtils.java
@@ -17,7 +17,8 @@ public static KemResult encapsulate(String algorithm, PublicKey publicKey) throw
         return new KemResult(result.key(), result.encapsulation());
     }
 
-    public static KemResult decapsulate(String algorithm, PrivateKey privateKey, byte[] encapsulation) throws Exception {
+    public static KemResult decapsulate(String algorithm, PrivateKey privateKey, byte[] encapsulation)
+      throws Exception {
         KEM kem = KEM.getInstance(algorithm);
         KEM.Decapsulator decapsulator = kem.newDecapsulator(privateKey);
         SecretKey recoveredSecret = decapsulator.decapsulate(encapsulation);
diff --git a/core-java-modules/core-java-security-5/src/test/java/com/baeldung/kem/KemUtilsIntegrationTest.java b/core-java-modules/core-java-security-5/src/test/java/com/baeldung/kem/KemUtilsIntegrationTest.java
index fddcb24bbeb4..4af8961bb046 100644
--- a/core-java-modules/core-java-security-5/src/test/java/com/baeldung/kem/KemUtilsIntegrationTest.java
+++ b/core-java-modules/core-java-security-5/src/test/java/com/baeldung/kem/KemUtilsIntegrationTest.java
@@ -29,7 +29,8 @@ void givenKem_whenSenderEncapsulatesAndReceiverDecapsulates_thenSecretsMatch() t
         assertNotNull(senderResult.sharedSecret());
         assertNotNull(senderResult.encapsulation());
 
-        KemUtils.KemResult receiverResult = KemUtils.decapsulate(KEM_ALGORITHM, keyPair.getPrivate(), senderResult.encapsulation());
+        KemUtils.KemResult receiverResult = KemUtils.decapsulate(KEM_ALGORITHM, keyPair.getPrivate(),
+          senderResult.encapsulation());
 
         SecretKey senderSecret = senderResult.sharedSecret();
         SecretKey receiverSecret = receiverResult.sharedSecret();

From f844f4766c776d4ce16bf90a701637009a5c6b69 Mon Sep 17 00:00:00 2001
From: hmdrz <hmdrzsharifi@gmail.com>
Date: Mon, 17 Nov 2025 23:43:50 +0330
Subject: [PATCH 5/5] #BAEL-6958: change Test class name

---
 .../kem/{KemUtilsIntegrationTest.java => KemUtilsUnitTest.java} | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename core-java-modules/core-java-security-5/src/test/java/com/baeldung/kem/{KemUtilsIntegrationTest.java => KemUtilsUnitTest.java} (97%)

diff --git a/core-java-modules/core-java-security-5/src/test/java/com/baeldung/kem/KemUtilsIntegrationTest.java b/core-java-modules/core-java-security-5/src/test/java/com/baeldung/kem/KemUtilsUnitTest.java
similarity index 97%
rename from core-java-modules/core-java-security-5/src/test/java/com/baeldung/kem/KemUtilsIntegrationTest.java
rename to core-java-modules/core-java-security-5/src/test/java/com/baeldung/kem/KemUtilsUnitTest.java
index 4af8961bb046..08c5c06ddcaf 100644
--- a/core-java-modules/core-java-security-5/src/test/java/com/baeldung/kem/KemUtilsIntegrationTest.java
+++ b/core-java-modules/core-java-security-5/src/test/java/com/baeldung/kem/KemUtilsUnitTest.java
@@ -12,7 +12,7 @@
 import org.junit.jupiter.api.BeforeAll;
 import org.junit.jupiter.api.Test;
 
-public class KemUtilsIntegrationTest {
+public class KemUtilsUnitTest {
     private static KeyPair keyPair;
     public static final String KEM_ALGORITHM = "DHKEM";