whyoleg / cryptography-kotlin
Kotlin Multiplatform cryptography / crypto library
Home Page: https://whyoleg.github.io/cryptography-kotlin/
License: Apache License 2.0
Introduce an API for storing keys in JDK KeyStore, Apple KeyChain, SecureEnclave and other places.
Add support for ECDSA secp256k1 (current is secp256r1)
Add more cryptography providers like bouncycastle and spongycastle
val ecdsa = provider.get(ECDSA)
val keyPairGenerator = ecdsa.keyPairGenerator(EC.Curve.P521)
val keyPair: ECDSA.KeyPair = keyPairGenerator.generateKey()
I couldn't find setPublicKey()
I wish for support for RSA.PKCS1 on the -apple provider. The openssl3-prebuilt provider works fine on iOS for me, but I fear that I will have to provide an export compliance, because it's additional cryptography to the Apple built-in:
https://developer.apple.com/documentation/security/complying_with_encryption_export_regulations
As far as I understand, I do not need to fill in this form if I just use cryptography provided by Apple's framework.
My use case is verification of RS256 JWT signatures.
@whyoleg How to use the below code here.
Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
Hey there
I just started using the BigInt functionality of this library and a slightly different use case came across: CRC (Cyclic Redundancy Check). Would that be in-scope for this library? If so, how likely is it to be supported? Thanks!
This is a proposal to support native Arm64 Linux. Artifacts might be built on Linux/Mac X64/Arm64 without additional testing. I believe providing artifacts without additional testing is better than nothing for tier-3 targets. I don't know, though, whether connecting openssl to this new target is challenging or not.
Introduce standalone JOSE support module with JWT/JWK/etc.
Support for JWK encoding/decoding can also be used afterwards in providers other than WebCrypto.
Full list of RFCs:
Introduce support for encoding/decoding of X.509 Certificates in ASN.1 module.
Additionally add support for storing certificates/certificate chains in PKCS12 format.
Current Linux implementation for PlatformRandom only checks for an error, but does not check if the number returned (the number of bytes retrieved from /dev/urandom) filled the ByteArray completely.
See fillCompletely for pointers
Guide should cover all available operations (not all algorithms). Some defaults could be different, from what is in JDK, so this also should be mentioned. Here is a list of JDK candidates for migration from:
For the Linux implementation of PlatformRandom it should poll /dev/random once and only once before attempting to retrieve bytes from /dev/urandom to ensure it is properly seeded. This was an issue with SecureRandom on Android for API 1-18 which caused some mayhem.
https://android-developers.googleblog.com/2013/08/some-securerandom-thoughts.html
Can see my implementation for pointers https://github.com/05nelsonm/secure-random/blob/master/secure-random/src/linuxAndroidMain/kotlin/io/matthewnelson/secure/random/internal/URandom.kt
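An added example, not code from cryptography-kotlin or from the linked secure-random project, covering both PlatformRandom reports above in C: read until the buffer is completely filled, and poll /dev/random once before the first read from /dev/urandom. The names fill_completely, wait_until_seeded, platform_random and short_reader are chosen for this example; short_reader is a constructed stand-in for read(2) that forces short and interrupted reads.

```c
#include <errno.h>
#include <fcntl.h>
#include <poll.h>
#include <string.h>
#include <unistd.h>
typedef ssize_t (*read_fn)(int, void *, size_t); /* read(2) signature, injectable */

/* Read until buf holds exactly len bytes. 0 on success, -1 on error or EOF. */
int fill_completely(int fd, unsigned char *buf, size_t len, read_fn rd) {
    size_t filled = 0;
    while (filled < len) {
        ssize_t n = rd(fd, buf + filled, len - filled);
        if (n > 0) filled += (size_t)n;               /* short read: keep going */
        else if (n == 0 || errno != EINTR) return -1; /* EOF or hard error */
    }
    return 0;
}

/* Block until /dev/random polls readable (pool seeded); consumes no bytes. */
int wait_until_seeded(void) {
    int fd = open("/dev/random", O_RDONLY);
    if (fd < 0) return -1;
    struct pollfd p = { .fd = fd, .events = POLLIN };
    int rc;
    do { rc = poll(&p, 1, -1); } while (rc < 0 && errno == EINTR);
    close(fd);
    return (rc == 1 && (p.revents & POLLIN)) ? 0 : -1;
}

/* Seed check once per process, then a complete read from /dev/urandom. */
int platform_random(unsigned char *buf, size_t len) {
    static int seeded = 0; /* not thread-safe; guard it in real code */
    if (!seeded && wait_until_seeded() != 0) return -1;
    seeded = 1;
    int fd = open("/dev/urandom", O_RDONLY);
    if (fd < 0) return -1;
    int rc = fill_completely(fd, buf, len, read);
    close(fd);
    return rc;
}

/* Constructed reader for testing: 3 bytes max per call, first call EINTR. */
static int fake_calls = 0;
ssize_t short_reader(int fd, void *buf, size_t len) {
    (void)fd;
    if (fake_calls++ == 0) { errno = EINTR; return -1; }
    size_t n = len < 3 ? len : 3;
    memset(buf, 0xAB, n);
    return (ssize_t)n;
}
```

A caller that checks only for a negative return would accept the first 3-byte read from short_reader and leave the remaining 13 bytes of a 16-byte key buffer at their previous contents.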
Those algorithms are useful when developing multiplatform applications with ktor.
Project: Compose Multiplatform
Library version: 0.3.0
agp = "8.2.0"
kotlin = "1.9.22"
compose-bom = "2024.02.02"
I have an error implementing cryptography-bom in the commonMain module
cryptography-bom
cryptography-core
provider-jdk
Caused by: org.gradle.api.internal.artifacts.ivyservice.DefaultLenientConfiguration$ArtifactResolveException: Could not resolve all files for configuration ':composeApp:iosArm64CompilationDependenciesMetadata'.
Allow to perform operations (such as encryption) over Sources from kotlinx.io, including files.
Additionally if needed some more low-level APIs could be implemented, so that kotlinx.io integration will just use it, f.e:
How to reproduce:
Expected result: Test runs and passes
Actual result:
FAILURE: Build failed with an exception.
command 'C:\Users\blurk\git\cryptography-kotlin\cryptography-providers\openssl3\prebuilt\build\bin\mingwX64\releaseTest\test.exe' exited with errors (exit code: -1073741515)
Comments:
I run into the same issue when adding the lib through a gradle dependency: "implementation("dev.whyoleg.cryptography:cryptography-provider-openssl3-prebuilt-mingwx64:0.2.0")". This makes cryptography-kotlin unusable on Windows targets.
I wanted to further debug the problem before posting the issue, but I don't know where to start from.
Can I use signatureVerifier the same as ECDSA for RSA OAEP?
Example:
val verificationResult: Boolean =
keyPair.publicKey.signatureVerifier(digest = SHA512).verifySignature("text1".encodeToByteArray(), signature)
The current issue is just a dashboard for all algorithms/operations/providers supported or planned to be supported by the library. Status is updated after release where specific item is implemented. List is ordered only by release version and doesn't represent priority in which new items will be implemented.
Feel free to comment if you are missing something from or outside the list!
For detailed information about which provider supports which algorithms, please consult the documentation: https://whyoleg.github.io/cryptography-kotlin/providers/
Status is provided in the format of [ ] when it's not implemented and [x] (X.Y.Z) when it's implemented in version X.Y.Z
Hi,
Whenever I execute linuxX64Binaries I get this error: https://pastes.dev/sru6wccvSU .
I hope you can help me.
Library version: 0.2.0
Kotlin version: 1.9.10
Use openssl3-prebuilt provider to generate ECDSA keys on iOS.
The /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/ld command returned non-zero exit code: 1.
output:
ld: Undefined symbols:
_deflate, referenced from:
_zlib_stateful_compress_block in libcrypto.a[192](libcrypto-lib-c_zlib.o)
_bio_zlib_write in libcrypto.a[192](libcrypto-lib-c_zlib.o)
_bio_zlib_ctrl in libcrypto.a[192](libcrypto-lib-c_zlib.o)
_deflateEnd, referenced from:
_zlib_stateful_finish in libcrypto.a[192](libcrypto-lib-c_zlib.o)
_bio_zlib_free in libcrypto.a[192](libcrypto-lib-c_zlib.o)
_deflateInit_, referenced from:
_zlib_stateful_init in libcrypto.a[192](libcrypto-lib-c_zlib.o)
_bio_zlib_write in libcrypto.a[192](libcrypto-lib-c_zlib.o)
_inflate, referenced from:
_zlib_stateful_expand_block in libcrypto.a[192](libcrypto-lib-c_zlib.o)
_bio_zlib_read in libcrypto.a[192](libcrypto-lib-c_zlib.o)
_inflateEnd, referenced from:
_zlib_stateful_finish in libcrypto.a[192](libcrypto-lib-c_zlib.o)
_bio_zlib_free in libcrypto.a[192](libcrypto-lib-c_zlib.o)
_inflateInit_, referenced from:
_zlib_stateful_init in libcrypto.a[192](libcrypto-lib-c_zlib.o)
_bio_zlib_read in libcrypto.a[192](libcrypto-lib-c_zlib.o)
_zError, referenced from:
_bio_zlib_write in libcrypto.a[192](libcrypto-lib-c_zlib.o)
_bio_zlib_read in libcrypto.a[192](libcrypto-lib-c_zlib.o)
_bio_zlib_ctrl in libcrypto.a[192](libcrypto-lib-c_zlib.o)