Skip to content

Add AES-CBC-HMAC AEAD cipher to Dapr crypto #40

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Mar 21, 2023
Merged

Add AES-CBC-HMAC AEAD cipher to Dapr crypto #40

merged 4 commits into from
Mar 21, 2023

Conversation

@ItalyPaleAle
Copy link
Contributor

@ItalyPaleAle ItalyPaleAle commented Mar 19, 2023

This PR adds support for AES-CBC-HMAC in the Dapr crypto package, which is an AEAD cipher based on AES-CBC.

This code is needed by both the crypto building block (dapr/proposals#3) and the Dapr state store encryption v2 (dapr/dapr#6027)

Includes:

  • Adding the AES-CBC-HMAC cipher in the package crypto/aescbcaead, implemented according to draft RFC and RFC 7518 Section 5.
  • Adds support for these algorithms when using encryption with local storage components. JWA (JSON Web Algorithm) identifiers are:
    • A128CBC-HS256
    • A192CBC-HS384
    • A256CBC-HS512

@ItalyPaleAle
Add AES-CBC AEAD with HMAC-SHA
573ae13 
Signed-off-by: ItalyPaleAle <[email protected]>
@ItalyPaleAle
Moved to internal packages
36108e7 
Signed-off-by: ItalyPaleAle <[email protected]>
@ItalyPaleAle
Registered ciphers
60ea3e1 
Signed-off-by: ItalyPaleAle <[email protected]>
@ItalyPaleAle
Completed work:
3b124d7 
- Moved packages out of internal
- Fixed Overhead() in AES-CBC-HMAC code
- Added last tests

Signed-off-by: ItalyPaleAle <[email protected]>
@ItalyPaleAle ItalyPaleAle requested review from a team as code owners March 19, 2023 01:52
@codecov-commenter
Copy link

codecov-commenter commented Mar 19, 2023

Codecov Report

Merging #40 (3b124d7) into main (b5bafe8) will decrease coverage by 0.64%.
The diff coverage is 74.04%.

@@            Coverage Diff             @@
##             main      #40      +/-   ##
==========================================
- Coverage   80.64%   80.01%   -0.64%     
==========================================
  Files          25       26       +1     
  Lines        1354     1481     +127     
==========================================
+ Hits         1092     1185      +93     
- Misses        197      217      +20     
- Partials       65       79      +14
Impacted Files Coverage Δ
crypto/padding/pkcs7_padding.go 100.00% <ø> (ø)
crypto/symmetric.go 51.41% <50.00%> (-1.70%) ⬇️
crypto/aescbcaead/aescbcaead.go 83.15% <83.15%> (ø)

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

@ItalyPaleAle ItalyPaleAle mentioned this pull request Mar 20, 2023
Closed
3 tasks
@ItalyPaleAle ItalyPaleAle merged commit efcc1af into dapr:main Mar 21, 2023
@ItalyPaleAle ItalyPaleAle deleted the aes-cbc-aead branch March 21, 2023 00:36
@ItalyPaleAle ItalyPaleAle mentioned this pull request Mar 28, 2023
Open
21 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@berndverst berndverst berndverst approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@ItalyPaleAle @codecov-commenter @berndverst