Introduce a generic asynchronous bus used for internal PKI workflows,
with resilient sweep support and symmetric primitive/wrapper type
compatibility for dispatch handling.
Signed-off-by: Leo Galambos <lg@hq.egothor.org>
- Introduce a universal ConfigurableProvider/ProviderConfig abstraction
for ServiceLoader-based components and align PKI bootstrapping
utilities with it.
- Document deterministic provider selection, property-based
configuration conventions, and security requirements (never log config
values), including package-level documentation for spi, spi.store and
spi.bootstrap.
fix: harden audit runtime, fix gzip scanning, add bounds and docs
- Fix FileAuditSink concatenated gzip scan by shielding underlying
stream
- Use JUnit @TempDir for filesystem-backed tests
- Bound InMemoryAuditSink with deterministic ring buffer
- Add ServiceLoader smoke test and expand DefaultAuditService coverage
- Improve JavaDoc and logging across audit implementation
feat: add deterministic tests for PkiBootstrap with real SPI providers
- add JUnit 5 test suite for PkiBootstrap
- cover SPI selection for filesystem PkiStore and audit sinks
- use @TempDir for filesystem-backed providers
- register test ServiceLoader providers under src/test/resources
- ensure deterministic bootstrap behavior via system properties
Signed-off-by: Leo Galambos <lg@hq.egothor.org>
Introduce a deterministic filesystem-backed PkiStore implementation
under zeroecho.pki.impl.fs.
Key characteristics:
- write-once semantics for immutable objects with explicit failure on
overwrite
- history tracking for mutable records with full audit trail
- atomic writes using NIO (temp + move) with best-effort durability
- strict snapshot export supporting time-travel reconstruction
- configurable history retention (ON_WRITE policy)
- no secrets logged; JUL-only diagnostics for anomalies
Includes comprehensive JUnit 5 tests validating:
- write-once enforcement
- history creation and overwrite semantics
- strict snapshot export (failure and positive selection cases)
- deterministic on-disk layout and structure
This implementation is intentionally non-public and serves as a
reference and validation baseline for future persistence backends.
Signed-off-by: Leo Galambos <lg@hq.egothor.org>
This merge introduces the sdk.hybrid package with support for:
- hybrid key exchange (classic + post-quantum),
- hybrid-derived key injection for encryption and MAC builders,
- hybrid signature composition.
The implementation is additive at the SDK layer and does not modify
core cryptographic contracts.
Extend HMAC metadata and builders to expose recommended key sizes and
enable safe derived-key injection without duplicating algorithm
configuration.
Key changes:
- Add HybridDerived utility for expanding hybrid KEX output and
injecting purpose-separated keys, IVs/nonces and optional AAD into
existing DataContent builders (AES-GCM, ChaCha, HMAC)
- Improve HmacSpec and HmacDataContentBuilder to expose recommended key
material characteristics for derived use
- Refine HybridKexContexts to better support exporter-based derived
workflows
- Add comprehensive unit tests for hybrid-derived functionality
- Add documented demo showing hybrid-derived AES-GCM encryption,
including local (self-recipient) hybrid usage
- Introduce top-level sdk.hybrid package documentation and derived
subpackage Javadoc
All changes are additive at the SDK layer; core cryptographic contracts
remain unchanged.
Signed-off-by: Leo Galambos <lg@hq.egothor.org>
Introduce a complete SDK-level hybrid KEX framework combining classic
(DH/ECDH/XDH) and post-quantum (KEM adapter) agreement contexts.
Key additions:
- HybridKexContext and HybridKexContexts for hybrid handshake
orchestration over existing AgreementContext and
MessageAgreementContext APIs
- HybridKexProfile, HybridKexTranscript and HybridKexExporter providing
HKDF-based key derivation, transcript binding and key schedule support
- HybridKexPolicy for optional security strength and output-length
gating
- HybridKexBuilder offering a fluent, professional API for constructing
CLASSIC_AGREEMENT + KEM_ADAPTER and PAIR_MESSAGE + KEM_ADAPTER
variants
- Comprehensive JUnit tests and documented demo illustrating both hybrid
modes
No changes to core cryptographic APIs; all hybrid logic is implemented
as additive functionality in the SDK layer.
Signed-off-by: Leo Galambos <lg@hq.egothor.org>
Introduce GenericJcaMessageAgreementContext and KeyPairKey to support
message-based key agreement without breaking existing AgreementContext
capabilities.
Key changes:
- Add KeyPairKey wrapper to carry KeyPair through capability dispatch.
- Introduce GenericJcaMessageAgreementContext implementing
MessageAgreementContext, mapping the protocol message to an
SPKI-encoded public key.
- Extend DH, ECDH and XDH algorithms with an additional
MessageAgreementContext capability while preserving existing
PrivateKey-based agreement usage.
- Improve core agreement tests to cover CLASSIC_AGREEMENT, PAIR_MESSAGE
and KEM_ADAPTER variants with explicit branch identification.
- Add demo samples illustrating practical usage patterns for ML-KEM and
XDH agreement variants, including lifecycle and resource management
guidance.
This change adds capabilities by extension rather than replacement and
keeps existing APIs and behaviors fully backward compatible.
Signed-off-by: Leo Galambos <lg@hq.egothor.org>
Add a complete hybrid signature implementation combining two independent
signature algorithms with AND/OR verification semantics, designed for
streaming pipelines.
Key changes:
- Add zeroecho.sdk.hybrid.signature package with core hybrid signature
abstractions (HybridSignatureContext, HybridSignatureProfile,
factories, predicates, and package documentation).
- Introduce SignatureTrailerDataContentBuilder as a
signature-specialized replacement for
TagTrailerDataContentBuilder<Signature>, supporting
core, single-algorithm, and hybrid signature construction.
- Extend sdk.builders package documentation to reference the new
signature trailer builder and newly added PQC signature builders.
- Adjust TagEngineBuilder where required to support hybrid verification
integration.
- Update JUL configuration to accommodate hybrid signature diagnostics
without leaking sensitive material.
Tests and samples:
- Add comprehensive JUnit 5 tests covering hybrid signatures in all
supported modes, including positive and negative cases.
- Add a dedicated sample demonstrating hybrid signing combined with AES
encryption (StE and EtS).
- Update existing signing samples to reflect the new signature trailer
builder.
The changes introduce a unified, extensible hybrid signature model
without breaking existing core APIs or pipeline composition patterns.
Signed-off-by: Leo Galambos <lg@hq.egothor.org>
chore: update alg package docs
Introduce DataContentBuilder implementations for ML-DSA and SLH-DSA
aligned with the existing SphincsPlus builder, and update the
builders.alg package Javadoc to document the newly supported
post-quantum signature schemes.
Signed-off-by: Leo Galambos <lg@hq.egothor.org>
Extend SecurityStrengthAdvisor to recognize SLH-DSA keys and map their
parameter sets (128/192/256) to NIST security strengths.
This enables CryptoPolicy.minStrength(...) to enforce SLH-DSA profiles
consistently with other PQC algorithms.
Signed-off-by: Leo Galambos <lg@hq.egothor.org>
SecretWithEncapsulation may zeroize internal buffers on destroy().
Create defensive copies of the shared secret and ciphertext using
Arrays.copyOf() before destroying the result object to ensure stable
output.
No cryptographic behavior changes; fixes a potential lifecycle bug.
Signed-off-by: Leo Galambos <lg@hq.egothor.org>
