| Commit message | Author | Age | Files | Lines |
* Base62 minimizes extra size overhead relative to Base64.
* Base58 removes ambiguous characters from key encodings.
Common for both bases is that they do not emit any characters that
interfere with easily selecting them on web pages or in the CLI.
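The two properties the commit message claims (alphanumeric-only output, and a Base58 alphabet with the look-alike characters removed) are easy to see in a small encoder. The block below is an added example, not the Vespa code the commit describes; the alphabets and the Bitcoin-style convention of mapping each leading zero byte to one leading `alphabet[0]` digit are assumptions of this example, and `max_digits` is a helper introduced here to compare the size overhead of the three bases for a 32-byte key.

```python
"""Base58 / Base62 encoding of binary keys.

Added example (not Vespa's implementation). Both alphabets are alphanumeric only,
so a double-click or a shell word-split selects the whole key; Base58 additionally
drops 0, O, I and l, which are ambiguous in many fonts.
"""
import math

BASE58 = b"123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"   # no 0 O I l
BASE62 = b"0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"


def encode(data: bytes, alphabet: bytes = BASE58) -> str:
    """Big-endian base conversion. Each leading zero byte becomes one leading
    alphabet[0] digit (assumed convention) so decode() restores the exact length."""
    base = len(alphabet)
    n = int.from_bytes(data, "big")
    digits = bytearray()
    while n:
        n, rem = divmod(n, base)
        digits.append(alphabet[rem])
    leading_zeros = len(data) - len(data.lstrip(b"\x00"))
    digits.extend(alphabet[:1] * leading_zeros)
    return digits[::-1].decode("ascii")


def decode(text: str, alphabet: bytes = BASE58) -> bytes:
    """Strict inverse of encode(): a character outside the alphabet (for example a
    '0' pasted into a Base58 string) is rejected rather than silently mapped."""
    base = len(alphabet)
    index = {c: i for i, c in enumerate(alphabet)}
    n = 0
    for ch in text.encode("ascii"):
        if ch not in index:
            raise ValueError(f"{chr(ch)!r} is not a base{base} digit")
        n = n * base + index[ch]
    body = n.to_bytes((n.bit_length() + 7) // 8, "big") if n else b""
    zero = chr(alphabet[0])
    leading_zeros = len(text) - len(text.lstrip(zero))
    return b"\x00" * leading_zeros + body


def max_digits(nbytes: int, base: int) -> int:
    """Longest possible encoding of an nbytes-long value: ceil(8*nbytes / log2(base)).
    For a 32-byte key this gives 43 for Base64 (unpadded) and Base62, 44 for Base58."""
    return math.ceil(8 * nbytes / math.log2(base))


if __name__ == "__main__":
    key = b"\x00\x00\x01\xff"            # constructed sample with leading zero bytes
    print(encode(key, BASE58), encode(key, BASE62))
    print({b: max_digits(32, b) for b in (58, 62, 64)})
```

The integer conversion runs in variable time on the value being encoded, which is fine for public keys and identifiers; for secret key material a constant-time encoder is the safer choice.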
Avoids the need to pass the full key pair when opening a sealed piece
of ciphertext, since we can just extract the public key on-demand.
Uses BouncyCastle X25519 utils under the hood.
HPKE is a hybrid encryption scheme that builds around three primitives:
* A key encapsulation mechanism (KEM)
* A key derivation function (KDF)
* An "authenticated encryption with associated data" (AEAD) algorithm
The 3-tuple (KEM, KDF, AEAD) is known as the HPKE _ciphersuite_.
This implementation has certain (intentional) limitations:
* Only the `DHKEM(X25519, HKDF-SHA256), HKDF-SHA256, AES-128-GCM`
ciphersuite is implemented. This is expected to be a good default
choice for any internal use of this class.
* Only the "base mode" (unauthenticated sender) is supported, i.e.
no PSK support and no secret exporting. This implementation is
only expected to be used for anonymous one-way encryption.
* The API only offers single-shot encryption to keep anyone from
being tempted to use it to build their own multi-message protocol
on top. This entirely avoids the risk of nonce reuse caused by
accidentally repeating sequence numbers.
**Deprecation notice:** once BouncyCastle (or the Java crypto API)
supports HPKE, this particular implementation can safely be deprecated
and sent off to live on a farm.
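The three-primitive structure and the single-shot, base-mode restrictions described in the commit message are easiest to follow when every label and context string of the key schedule is spelled out. The block below is an added example written for this page, not Vespa's Java class and not BouncyCastle code: it implements RFC 9180 base mode for exactly the `DHKEM(X25519, HKDF-SHA256), HKDF-SHA256, AES-128-GCM` suite, taking X25519 and AES-GCM from the `cryptography` package and doing HKDF with the standard library. It also illustrates the earlier commit's point about opening with only the private key: `open_base` recomputes the recipient public key from `skR` for the KEM context instead of requiring the full key pair. The function names, the `info`/`aad` sample strings and the `generate_recipient_keypair` helper are this example's own.

```python
"""Minimal RFC 9180 HPKE, base mode, single-shot seal/open only.

Ciphersuite: DHKEM(X25519, HKDF-SHA256), HKDF-SHA256, AES-128-GCM.
Added example (not Vespa's implementation): X25519 and AES-GCM come from the
`cryptography` package, HKDF is written out with the stdlib so every label of
the spec is visible.
"""
import hashlib
import hmac
from typing import Tuple

from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric.x25519 import (
    X25519PrivateKey, X25519PublicKey)
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

# Ciphersuite identifiers (RFC 9180 section 7) and the suite_id strings built from them.
KEM_ID, KDF_ID, AEAD_ID = 0x0020, 0x0001, 0x0001
KEM_SUITE_ID = b"KEM" + KEM_ID.to_bytes(2, "big")
HPKE_SUITE_ID = (b"HPKE" + KEM_ID.to_bytes(2, "big")
                 + KDF_ID.to_bytes(2, "big") + AEAD_ID.to_bytes(2, "big"))
MODE_BASE = b"\x00"             # unauthenticated sender, no PSK
NSECRET, NK, NN = 32, 16, 12    # KEM shared secret, AES-128 key, GCM nonce lengths
RAW = serialization.Encoding.Raw


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """HKDF-Extract (RFC 5869); an empty salt behaves as HashLen zero bytes."""
    return hmac.new(salt, ikm, hashlib.sha256).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """HKDF-Expand (RFC 5869): T(i) = HMAC(prk, T(i-1) || info || i)."""
    out, block, i = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([i]), hashlib.sha256).digest()
        out += block
        i += 1
    return out[:length]


def labeled_extract(suite_id: bytes, salt: bytes, label: bytes, ikm: bytes) -> bytes:
    return hkdf_extract(salt, b"HPKE-v1" + suite_id + label + ikm)


def labeled_expand(suite_id: bytes, prk: bytes, label: bytes, info: bytes, length: int) -> bytes:
    labeled_info = length.to_bytes(2, "big") + b"HPKE-v1" + suite_id + label + info
    return hkdf_expand(prk, labeled_info, length)


def _kem_shared_secret(dh: bytes, enc: bytes, pk_rm: bytes) -> bytes:
    """DHKEM ExtractAndExpand (section 4.1): binds the DH output to both public keys."""
    eae_prk = labeled_extract(KEM_SUITE_ID, b"", b"eae_prk", dh)
    return labeled_expand(KEM_SUITE_ID, eae_prk, b"shared_secret", enc + pk_rm, NSECRET)


def _key_schedule(shared_secret: bytes, info: bytes) -> Tuple[bytes, bytes]:
    """KeySchedule (section 5.1) for mode_base; psk and psk_id are the empty string."""
    psk_id_hash = labeled_extract(HPKE_SUITE_ID, b"", b"psk_id_hash", b"")
    info_hash = labeled_extract(HPKE_SUITE_ID, b"", b"info_hash", info)
    ks_context = MODE_BASE + psk_id_hash + info_hash
    secret = labeled_extract(HPKE_SUITE_ID, shared_secret, b"secret", b"")
    key = labeled_expand(HPKE_SUITE_ID, secret, b"key", ks_context, NK)
    base_nonce = labeled_expand(HPKE_SUITE_ID, secret, b"base_nonce", ks_context, NN)
    return key, base_nonce


def generate_recipient_keypair() -> Tuple[bytes, bytes]:
    """Returns (skR, pkR) as raw 32-byte strings (helper of this example)."""
    sk = X25519PrivateKey.generate()
    return (sk.private_bytes(RAW, serialization.PrivateFormat.Raw, serialization.NoEncryption()),
            sk.public_key().public_bytes(RAW, serialization.PublicFormat.Raw))


def seal_base(pk_r: bytes, info: bytes, aad: bytes, pt: bytes) -> Tuple[bytes, bytes]:
    """Single-shot seal: returns (enc, ct). A fresh ephemeral key is drawn on every
    call, so the only sequence number ever used is 0 and the nonce is base_nonce
    itself; no context object exists that could encrypt a second message."""
    sk_e = X25519PrivateKey.generate()
    enc = sk_e.public_key().public_bytes(RAW, serialization.PublicFormat.Raw)
    dh = sk_e.exchange(X25519PublicKey.from_public_bytes(pk_r))
    key, base_nonce = _key_schedule(_kem_shared_secret(dh, enc, pk_r), info)
    return enc, AESGCM(key).encrypt(base_nonce, pt, aad)


def open_base(sk_r: bytes, enc: bytes, info: bytes, aad: bytes, ct: bytes) -> bytes:
    """Single-shot open. Only skR is needed: pkR is recomputed from it for the KEM
    context. Raises cryptography.exceptions.InvalidTag if ct, aad or info differ."""
    priv = X25519PrivateKey.from_private_bytes(sk_r)
    pk_rm = priv.public_key().public_bytes(RAW, serialization.PublicFormat.Raw)
    dh = priv.exchange(X25519PublicKey.from_public_bytes(enc))
    key, base_nonce = _key_schedule(_kem_shared_secret(dh, enc, pk_rm), info)
    return AESGCM(key).decrypt(base_nonce, ct, aad)


if __name__ == "__main__":
    sk, pk = generate_recipient_keypair()
    enc, ct = seal_base(pk, b"vespa-internal-v1", b"record-id:42", b"secret payload")
    print(open_base(sk, enc, b"vespa-internal-v1", b"record-id:42", ct))
```

Before using an implementation like this anywhere, check it against the mode_base vectors in RFC 9180 Appendix A.1 (same suite); a single wrong label byte still round-trips but is not interoperable. `exchange` in `cryptography` rejects an all-zero X25519 output, which covers the small-order-point check the KEM requires.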
Remove use of JcaPEMKeyConverter as it generated keys with 'ECDSA' as algorithm.
vespa-engine/revert-8308-bratseth/disallow-dash-rebased"
This reverts commit 43cf4fd1ec196cb0543af73db8e3bd1f6774f0a8, reversing
changes made to 14172aa5cd890445980202909d1277429e4c5a3a.
This allows the TLS test in jrt to use elliptic curve crypto in unit
tests (fixes issue where JSSE cannot find matching cipher).