Skip to content

Added in xkeys support, which are encoded x25519 keys. #37

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
derekcollison merged 2 commits into from
Dec 5, 2022
Merged

Added in xkeys support, which are encoded x25519 keys. #37

derekcollison merged 2 commits into from
Dec 5, 2022

Conversation

@derekcollison
Copy link
Member

@derekcollison derekcollison commented Dec 2, 2022

Also added in support for nacl.Box compatibility for Seal and Open, but we pick a random nonce for the user via a random source and append for the user to avoid any bad practices.

Nacl is not the most modern approach, but has broad adoption which was a factor regarding encrypted external authorization callouts.

We may add in other ways to encrypt data for larger messages and multiple recipients in the future.

Signed-off-by: Derek Collison [email protected]

@coveralls
Copy link

coveralls commented Dec 2, 2022
edited
Loading

Pull Request Test Coverage Report for Build 162

  • 86 of 121 (71.07%) changed or added relevant lines in 3 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage decreased (-2.9%) to 78.937%
Changes Missing Coverage Covered Lines Changed/Added Lines %
keypair.go 6 8 75.0%
strkey.go 9 11 81.82%
xkeys.go 71 102 69.61%
Totals Coverage Status
Change from base Build 147: -2.9%
Covered Lines: 386
Relevant Lines: 489
💛 - Coveralls

@coveralls
Copy link

coveralls commented Dec 2, 2022

Pull Request Test Coverage Report for Build 152

  • 77 of 108 (71.3%) changed or added relevant lines in 3 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage decreased (-12.03%) to 69.792%
Changes Missing Coverage Covered Lines Changed/Added Lines %
strkey.go 9 11 81.82%
xkeys.go 67 96 69.79%
Totals Coverage Status
Change from base Build 147: -12.03%
Covered Lines: 67
Relevant Lines: 96
💛 - Coveralls

@derekcollison derekcollison requested a review from aricart December 2, 2022 23:24
@derekcollison derekcollison force-pushed the xkeys branch 2 times, most recently from 73c33d0 to 9f69aec Compare December 4, 2022 21:49
aricart
aricart previously approved these changes Dec 5, 2022
View reviewed changes
Copy link
Member

@aricart aricart left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

philpennock
philpennock requested changes Dec 5, 2022
View reviewed changes
Copy link
Member

@philpennock philpennock left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Beware that there are attacks when supplied with private keys and public keys which don't actually correspond to them, and until now we've been resilient because we've always used the seed to generate both at the same time.

Beware that the seed is not the private key, but the rand source for generating the keypair.

@derekcollison
Copy link
Member Author

derekcollison commented Dec 5, 2022

Not following this comment..


Beware that the seed is not the private key, but the rand source for generating the keypair.

philpennock
philpennock previously approved these changes Dec 5, 2022
View reviewed changes
Copy link
Member

@philpennock philpennock left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

My mistake. I thought our "seeds" were seeds for initializing a CSPRNG to read some number of octets from it, not the private key and a replacement source for reading from. Okay, LGTM. (Obligatory: I am not a cryptographer)

@derekcollison derekcollison requested a review from aricart December 5, 2022 18:05
@derekcollison
Added in xkeys support, which are encoded x25519 keys.
ffc2025 
Also added in support for nacl.Box compatibility for Seal and Open. We pick a random nonce for the user via a random source.
We may add in other ways to encrypt data for larger messages and multiple recipients in the future.

Signed-off-by: Derek Collison <[email protected]>
@derekcollison
Removed ppc64 arch from Travis
4f089af 
Signed-off-by: Derek Collison <[email protected]>
@derekcollison
Copy link
Member Author

derekcollison commented Dec 5, 2022

Squashed, once green will merge.

@derekcollison derekcollison merged commit 5d8a673 into main Dec 5, 2022
@derekcollison derekcollison deleted the xkeys branch December 28, 2023 17:35
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@philpennock philpennock philpennock approved these changes

@wallyqs wallyqs Awaiting requested review from wallyqs

@ripienaar ripienaar Awaiting requested review from ripienaar

@aricart aricart Awaiting requested review from aricart

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@derekcollison @coveralls @philpennock @aricart