Commit Graph

13 Commits

Author SHA1 Message Date
34eca245f0 feat: add message-oriented agreement contexts for DH, ECDH and XDH
Introduce GenericJcaMessageAgreementContext and KeyPairKey to support
message-based key agreement without breaking existing AgreementContext
capabilities.

Key changes:
- Add KeyPairKey wrapper to carry KeyPair through capability dispatch.
- Introduce GenericJcaMessageAgreementContext implementing
  MessageAgreementContext, mapping the protocol message to an
  SPKI-encoded public key.
- Extend DH, ECDH and XDH algorithms with an additional
  MessageAgreementContext capability while preserving existing
  PrivateKey-based agreement usage.
- Improve core agreement tests to cover CLASSIC_AGREEMENT, PAIR_MESSAGE
  and KEM_ADAPTER variants with explicit branch identification.
- Add demo samples illustrating practical usage patterns for ML-KEM and
  XDH agreement variants, including lifecycle and resource management
  guidance.

This change adds capabilities by extension rather than replacement and
keeps existing APIs and behaviors fully backward compatible.

Signed-off-by: Leo Galambos <lg@hq.egothor.org>
2025-12-26 14:56:47 +01:00
7f79082adc feat: introduce hybrid signature framework and signature trailer builder
Add a complete hybrid signature implementation combining two independent
signature algorithms with AND/OR verification semantics, designed for
streaming pipelines.

Key changes:
- Add zeroecho.sdk.hybrid.signature package with core hybrid signature
  abstractions (HybridSignatureContext, HybridSignatureProfile,
  factories, predicates, and package documentation).
- Introduce SignatureTrailerDataContentBuilder as a
  signature-specialized replacement for
  TagTrailerDataContentBuilder<Signature>, supporting
  core, single-algorithm, and hybrid signature construction.
- Extend sdk.builders package documentation to reference the new
  signature trailer builder and newly added PQC signature builders.
- Adjust TagEngineBuilder where required to support hybrid verification
  integration.
- Update JUL configuration to accommodate hybrid signature diagnostics
  without leaking sensitive material.

Tests and samples:
- Add comprehensive JUnit 5 tests covering hybrid signatures in all
  supported modes, including positive and negative cases.
- Add a dedicated sample demonstrating hybrid signing combined with AES
  encryption (StE and EtS).
- Update existing signing samples to reflect the new signature trailer
  builder.

The changes introduce a unified, extensible hybrid signature model
without breaking existing core APIs or pipeline composition patterns.

Signed-off-by: Leo Galambos <lg@hq.egothor.org>
2025-12-26 02:01:29 +01:00
174d63dff4 feat: add ML-DSA and SLH-DSA streaming builders
chore: update alg package docs

Introduce DataContentBuilder implementations for ML-DSA and SLH-DSA
aligned with the existing SphincsPlus builder, and update the
builders.alg package Javadoc to document the newly supported
post-quantum signature schemes.

Signed-off-by: Leo Galambos <lg@hq.egothor.org>
2025-12-25 19:24:39 +01:00
84b97b4e0a feat: add ML-DSA (FIPS 204) support with policy enforcement
Introduce ML-DSA (FIPS 204) as a first-class signature algorithm:
- algorithm binding and streaming signature context
- key generation specs/builders and key import specs
- correct handling of pure vs pre-hash (SHA-512) ML-DSA JCA variants
- policy security strength mapping (44/65/87 → 128/192/256)
- comprehensive JUnit streaming sign/verify tests

Signed-off-by: Leo Galambos <lg@hq.egothor.org>
2025-12-25 18:36:35 +01:00
2b4559884f fix: add SLH-DSA security strength estimation for policy enforcement
Extend SecurityStrengthAdvisor to recognize SLH-DSA keys and map their
parameter sets (128/192/256) to NIST security strengths.

This enables CryptoPolicy.minStrength(...) to enforce SLH-DSA profiles
consistently with other PQC algorithms.

Signed-off-by: Leo Galambos <lg@hq.egothor.org>
2025-12-25 17:43:00 +01:00
8f228c7ada feat: SLH-DSA (FIPS 205) signature algorithm added
Signed-off-by: Leo Galambos <lg@hq.egothor.org>
2025-12-25 01:54:24 +01:00
4da4547a46 fix: defensively copy secret and encapsulation before destroy()
SecretWithEncapsulation may zeroize internal buffers on destroy().
Create defensive copies of the shared secret and ciphertext using
Arrays.copyOf() before destroying the result object to ensure stable
output.

No cryptographic behavior changes; fixes a potential lifecycle bug.

Signed-off-by: Leo Galambos <lg@hq.egothor.org>
2025-12-24 23:39:32 +01:00
cb363ba2f4 chore: deps upgrade
chore: PMD 8.0.0 obsolete rules replaced

Signed-off-by: Leo Galambos <lg@hq.egothor.org>
2025-12-24 22:33:00 +01:00
0b4b4de603 chore: PMD warnings clean-up
Signed-off-by: Leo Galambos <lg@hq.egothor.org>
2025-12-24 21:41:44 +01:00
eba163dd21 chore: deprecated applied
Signed-off-by: Leo Galambos <lg@hq.egothor.org>
2025-12-07 22:20:08 +01:00
31018235dc chore: javadoc fixes (format)
Signed-off-by: Leo Galambos <lg@hq.egothor.org>
2025-12-07 21:57:50 +01:00
56eb54bf9e fix: incorrect (package) javadoc for chacha and cmce
Signed-off-by: Leo Galambos <lg@hq.egothor.org>
2025-09-19 02:01:22 +02:00
2cc988925a Initial commit (history reset)
2025-09-16 23:14:24 +02:00