Extend HMAC metadata and builders to expose recommended key sizes and
enable safe derived-key injection without duplicating algorithm
configuration.
Key changes:
- Add HybridDerived utility for expanding hybrid KEX output and
injecting purpose-separated keys, IVs/nonces and optional AAD into
existing DataContent builders (AES-GCM, ChaCha, HMAC)
- Improve HmacSpec and HmacDataContentBuilder to expose recommended key
material characteristics for derived use
- Refine HybridKexContexts to better support exporter-based derived
workflows
- Add comprehensive unit tests for hybrid-derived functionality
- Add documented demo showing hybrid-derived AES-GCM encryption,
including local (self-recipient) hybrid usage
- Introduce top-level sdk.hybrid package documentation and derived
subpackage Javadoc
All changes are additive at the SDK layer; core cryptographic contracts
remain unchanged.
Signed-off-by: Leo Galambos <lg@hq.egothor.org>
Introduce a complete SDK-level hybrid KEX framework combining classic
(DH/ECDH/XDH) and post-quantum (KEM adapter) agreement contexts.
Key additions:
- HybridKexContext and HybridKexContexts for hybrid handshake
orchestration over existing AgreementContext and
MessageAgreementContext APIs
- HybridKexProfile, HybridKexTranscript and HybridKexExporter providing
HKDF-based key derivation, transcript binding and key schedule support
- HybridKexPolicy for optional security strength and output-length
gating
- HybridKexBuilder offering a fluent, professional API for constructing
CLASSIC_AGREEMENT + KEM_ADAPTER and PAIR_MESSAGE + KEM_ADAPTER
variants
- Comprehensive JUnit tests and documented demo illustrating both hybrid
modes
No changes to core cryptographic APIs; all hybrid logic is implemented
as additive functionality in the SDK layer.
Signed-off-by: Leo Galambos <lg@hq.egothor.org>
Introduce GenericJcaMessageAgreementContext and KeyPairKey to support
message-based key agreement without breaking existing AgreementContext
capabilities.
Key changes:
- Add KeyPairKey wrapper to carry KeyPair through capability dispatch.
- Introduce GenericJcaMessageAgreementContext implementing
MessageAgreementContext, mapping the protocol message to an
SPKI-encoded public key.
- Extend DH, ECDH and XDH algorithms with an additional
MessageAgreementContext capability while preserving existing
PrivateKey-based agreement usage.
- Improve core agreement tests to cover CLASSIC_AGREEMENT, PAIR_MESSAGE
and KEM_ADAPTER variants with explicit branch identification.
- Add demo samples illustrating practical usage patterns for ML-KEM and
XDH agreement variants, including lifecycle and resource management
guidance.
This change adds capabilities by extension rather than replacement and
keeps existing APIs and behaviors fully backward compatible.
Signed-off-by: Leo Galambos <lg@hq.egothor.org>
Add a complete hybrid signature implementation combining two independent
signature algorithms with AND/OR verification semantics, designed for
streaming pipelines.
Key changes:
- Add zeroecho.sdk.hybrid.signature package with core hybrid signature
abstractions (HybridSignatureContext, HybridSignatureProfile,
factories, predicates, and package documentation).
- Introduce SignatureTrailerDataContentBuilder as a
signature-specialized replacement for
TagTrailerDataContentBuilder<Signature>, supporting
core, single-algorithm, and hybrid signature construction.
- Extend sdk.builders package documentation to reference the new
signature trailer builder and newly added PQC signature builders.
- Adjust TagEngineBuilder where required to support hybrid verification
integration.
- Update JUL configuration to accommodate hybrid signature diagnostics
without leaking sensitive material.
Tests and samples:
- Add comprehensive JUnit 5 tests covering hybrid signatures in all
supported modes, including positive and negative cases.
- Add a dedicated sample demonstrating hybrid signing combined with AES
encryption (StE and EtS).
- Update existing signing samples to reflect the new signature trailer
builder.
The changes introduce a unified, extensible hybrid signature model
without breaking existing core APIs or pipeline composition patterns.
Signed-off-by: Leo Galambos <lg@hq.egothor.org>
chore: update alg package docs
Introduce DataContentBuilder implementations for ML-DSA and SLH-DSA
aligned with the existing SphincsPlus builder, and update the
builders.alg package Javadoc to document the newly supported
post-quantum signature schemes.
Signed-off-by: Leo Galambos <lg@hq.egothor.org>
Extend SecurityStrengthAdvisor to recognize SLH-DSA keys and map their
parameter sets (128/192/256) to NIST security strengths.
This enables CryptoPolicy.minStrength(...) to enforce SLH-DSA profiles
consistently with other PQC algorithms.
Signed-off-by: Leo Galambos <lg@hq.egothor.org>
SecretWithEncapsulation may zeroize internal buffers on destroy().
Create defensive copies of the shared secret and ciphertext using
Arrays.copyOf() before destroying the result object to ensure stable
output.
No cryptographic behavior changes; fixes a potential lifecycle bug.
Signed-off-by: Leo Galambos <lg@hq.egothor.org>
