Skip to content

feat(sdk): ec-wrapped key support #422

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 12 commits into from
Feb 19, 2025
Merged

feat(sdk): ec-wrapped key support #422

merged 12 commits into from
Feb 19, 2025

Conversation

@dmihalcik-virtru
Copy link
Member

@dmihalcik-virtru dmihalcik-virtru commented Feb 13, 2025

  • Adds parameters for requesting EC encapsulation in TDF key access objects to SDK and CLI
    • new createZTDF parameter, wrappingKeyAlgorithm. Defaults to "rsa:2048", and can now take "ec:secp256r1".
    • cli encrypt exposes this as the --encapKeyType parameter
  • Similarly, adds parameters for requesting responses with EC wrapped return values from key access server during decrypt
    • new sdk.read parameter, wrappingKeyAlgorithm. Defaults to "rsa:2048", and can now take "ec:secp256r1". Only used for ZTDF kaos currently.
    • exposes this through cli decrypt subcommand with the --rewrapKeyType parameter

@github-actions
Copy link

github-actions bot commented Feb 13, 2025

If these changes look good, signoff on them with:

git pull && git commit --amend --signoff && git push --force-with-lease origin

If they aren't any good, please remove them with:

git pull && git reset --hard HEAD~1 && git push --force-with-lease origin

@dmihalcik-virtru dmihalcik-virtru force-pushed the feature/ec-wrapped branch 3 times, most recently from 295e0cd to db9253a Compare February 18, 2025 21:38
@dmihalcik-virtru dmihalcik-virtru marked this pull request as ready for review February 18, 2025 22:25
@dmihalcik-virtru dmihalcik-virtru requested a review from a team as a code owner February 18, 2025 22:25
@dmihalcik-virtru
feat(sdk): ec-wrapped key support
df301fb 
- Adds parameters for requesting EC encapsulation in TDF key access objects to SDK and CLI
  - new `createZTDF` parameter, `wrappingKeyAlgorithm`. Defaults to `"rsa:2048"`, and can now take `"ec:secp256r1"`.
  - cli `encrypt` exposes this as the `--encapKeyType` parameter
- Similarly, adds parameters for requesting responses with EC wrapped return values from key access server during decrypt
  - new `sdk.read` parameter, `wrappingKeyAlgorithm`. Defaults to `"rsa:2048"`, and can now take `"ec:secp256r1"`. Only used for ZTDF kaos currently.
  - exposes this through cli `decrypt` subcommand with the `--rewrapKeyType` parameter
@dmihalcik-virtru
hmm why is it not working in browsers with jose?
632a614
@dmihalcik-virtru
Update index.ts
aca38f4
@dmihalcik-virtru
debugging
46c0d05
@dmihalcik-virtru
Revert "debugging"
84f231c 
This reverts commit 8708539.
@dmihalcik-virtru
Update encrypt-decrypt.spec.ts
cc0a9c6
@dmihalcik-virtru
Update index.ts
f87c47a
@dmihalcik-virtru
Update index.ts
b5b11a6
@dmihalcik-virtru
improve cli debug logging
c4cb414
@dmihalcik-virtru
bugfix
38d6897
@dmihalcik-virtru
add a few lines of coverage
38e4a9d
@sonarqubecloud
Copy link

sonarqubecloud bot commented Feb 19, 2025

Quality Gate Failed Quality Gate failed

Failed conditions
68.4% Coverage on New Code (required ≥ 80%)

See analysis details on SonarQube Cloud

@dmihalcik-virtru dmihalcik-virtru merged commit 9d4eab4 into main Feb 19, 2025
12 of 13 checks passed
@dmihalcik-virtru dmihalcik-virtru deleted the feature/ec-wrapped branch February 19, 2025 16:09
This was referenced Jun 18, 2025
Closed
Closed
Closed
Closed
Closed
Closed
@opentdf-automation opentdf-automation bot mentioned this pull request Jun 26, 2025
Closed
This was referenced Jun 26, 2025
Merged
Closed
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sujankota sujankota sujankota approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@dmihalcik-virtru @sujankota