| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
| |
Define installed JARs in vespa-3party-jars. Add bundle-plugin goal
wrapping maven-shade-plugin's DefaultShader that excludes installed JARs
and lists them in manifest's Class-Path instead.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is to get around the limitation where AES GCM can only produce
a maximum of 64 GiB of ciphertext for a particular <key, IV> pair before
its security properties break down. ChaCha20-Poly1305 does not have any
practical limitations here.
ChaCha20-Poly1305 uses a 256-bit key whereas the shared key is 128 bits.
A HKDF is used to internally expand the key material to 256 bits.
To let token based decryption be fully backwards compatible, introduce
a token version 2. V1 tokens will be decrypted with AES-GCM 128, while
V2 tokens use ChaCha20-Poly1305.
As a bonus, cryptographic operations will generally be _faster_ after
this cipher change, as we use BouncyCastle ciphers and these do not use
any native AES instructions. ChaCha20-Poly1305 is usually considerably
faster when running without specialized hardware support. An ad-hoc
experiment with a large ciphertext showed a near 70% performance increase
over AES-GCM 128.
|
|
|
|
|
| |
Simplifies working with compressed plaintext, as it removes the need
for piping via `unzstd` or using a temporary file.
|
|
|
|
| |
Time to let the old one go.
|
| |
|
|
|
|
| |
Makes it easier to include an explicit key version as part of the ID.
|
|\
| |
| | |
GC unused security-tools
|
| | |
|
| |
| |
| |
| |
| | |
`tensor-short-form` -> `shorttensors` to be in line with existing
option formatting.
|
| | |
|
|/
|
|
|
|
| |
Specified with `--tensor-short-form`. No single-char option alias,
as short form output will be the default on Vespa 9 and we're running
out of usable option characters for this tool anyway.
|
| |
|
|
|
|
| |
common jar file.
|
| |
|
| |
|
| |
|
|
|
|
| |
are explicitly excluded by container-dev
|
|
|
|
| |
excludes...
|
|
|
|
| |
com.yahoo.search.query.profile.DumpTool:wq.
|
| |
|
| |
|
|
|
|
|
|
| |
Useful when the script is run in a context where `VESPA_HOME` is not
set. Should work both if the script is invoked directly or through a
symbolic link.
|
|
|
|
|
|
| |
Avoids having to use a file indirection for inputting a private key.
Only available when the JVM is running under an interactive console
and none of the input/output files use standard streams.
|
|
|
|
|
|
|
|
| |
Lets a user specify a private key directory either with a command
line argument or via an environment variable. If a directory is
provided, the private key to use will be attempted auto-resolved
based on the key ID stored in the token. This only applies if the
key ID is comprised of exclusively path-safe characters.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This resolves two issues:
* `javax.crypto.OutputCipherStream` swallows MAC tag mismatch exceptions
when the stream is closed, which means that corruptions (intentional
or not) are not caught. This is documented behavior, but still very
surprising and a rather questionable default. BC's interchangeable
`CipherOutputStream` throws as expected. To avoid regressions, add an
explicit test that both ciphertext and MAC tag corruptions are propagated.
* The default-provided `AES/GCM/NoPadding` `Cipher` instance will not emit
decrypted plaintext per `update()` chunk, but buffer everything until
`doFinal()` is invoked when the stream is closed. This means that decrypting
very large ciphertexts can blow up memory usage since internal output
buffers are reallocated and increased per iteration...! Instead use an
explicit BC `GCMBlockCipher` which has the expected behavior (and actually
lets cipher streams, well, _stream_). Add an `AeadCipher` abstraction to
avoid leaking BC APIs outside the security module.
|
|
|
|
|
|
|
|
|
| |
Adds underlying support--and tooling--for resealing a token for
another recipient. This allows for delegating decryption to another
party without having to reveal the private key of the original
recipient (or having to send the raw underlying secret key over a
potentially insecure channel). Key ID can/should change as part of
this operation.
|
| |
|
|
|
|
|
|
|
|
| |
* Base62 minimizes extra size overhead relative to Base64.
* Base58 removes ambiguous characters from key encodings.
Common for both bases is that they do not emit any characters that
interfer with easily selecting them on web pages or in the CLI.
|
|
|
|
|
|
|
|
| |
Currently supports converting from and to any combination of
base {16, 58, 62, 64}. Input is read from STDIN and is intentionally
limited in length due to the algorithmic complexity of base
conversions that are not a power of two. Converted value is
written to STDOUT.
|
|
|
|
| |
Enforces invariants and avoids having to pass raw byte arrays around.
|
|
|
|
| |
Dumps key version, ID and HPKE components
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This makes key IDs vastly more expressive. Max size is 255 bytes,
and UTF-8 form is enforced by checking that the byte sequence can be
identity-transformed to and from a string with UTF-8 encoding.
In addition, we now protect the integrity of the key ID by supplying
it as the AAD parameter to the key sealing and opening operations.
Reduce v1 token max length of `enc` part to 255, since this is always
an X25519 public key, which is never bigger than 32 bytes (but may
be _less_ if the random `BigInteger` is small enough, so we still have
to encode the length).
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Useful for avoiding the need for intermediate files, such as when
piping the output of decryption to a Zstd decompressor.
Adds stdio support to:
* Encryption input
* Decryption input
* Decryption output
Specified by substituting the file name with a single `-` character.
|
|
|
|
|
|
|
| |
Adds support for:
* X25519 key pair generation
* HPKE stream encryption with public key and token generation
* HPKE stream decryption with private key
|
|
|
|
|
| |
* remove now-duplicated code
* prefer using ${VESPA_HOME} environment variable
|
| |
|
| |
|
|
|
|
| |
magic conversions.
|
| |
|
| |
|
| |
|
|
|
|
|
| |
Streaming search still uses this to ensure low latencies, and
we don't have a replacement for priorities for this use case yet.
|
|
|
|
| |
Add dependency on 'jetty-http' with scope test instead of adding false dependencies with 'container-test'.
|
|
|
|
| |
Also remove deprecated and unsupported header-only visitor parameter
|
| |
|
|
|
|
|
|
|
| |
Load types have not been properly supported for some time, so remove
the remaining API surfaces exposing them. Since load type config was
the last remaining use of <clients> in services.xml, remove that one
as well.
|
| |
|
| |
|
| |
|