[GitHub] [wicket] svenmeier commented on pull request #549: ListenerRequestHandler no longer hides IndexOutOfBoundsException in b…
svenmeier commented on PR #549: URL: https://github.com/apache/wicket/pull/549#issuecomment-1320392005 Thanks! -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@wicket.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Resolved] (WICKET-7017) ListenerRequestHandler should not hide IndexOutOfBoundsException
[ https://issues.apache.org/jira/browse/WICKET-7017?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sven Meier resolved WICKET-7017. Fix Version/s: 10.0.0 8.15.0 9.13.0 Resolution: Fixed See https://github.com/apache/wicket/pull/549 > ListenerRequestHandler should not hide IndexOutOfBoundsException > > > Key: WICKET-7017 > URL: https://issues.apache.org/jira/browse/WICKET-7017 > Project: Wicket > Issue Type: Improvement > Components: wicket >Affects Versions: 10.0.0, 8.14.0, 9.12.0 >Reporter: Sven Meier >Assignee: Sven Meier >Priority: Minor > Fix For: 10.0.0, 8.15.0, 9.13.0 > > > An IndexOutOfBoundsException occuring inside the behavior invocation is > wrapped currently in a WicketRuntimeException with the message "Couldn't find > component behavior". > This should only be done for IndexOutOfBoundsException raised by the actual > search for the behavior and not by the invocation of the behavior. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (WICKET-7017) ListenerRequestHandler should not hide IndexOutOfBoundsException
Sven Meier created WICKET-7017: -- Summary: ListenerRequestHandler should not hide IndexOutOfBoundsException Key: WICKET-7017 URL: https://issues.apache.org/jira/browse/WICKET-7017 Project: Wicket Issue Type: Improvement Components: wicket Affects Versions: 9.12.0, 8.14.0, 10.0.0 Reporter: Sven Meier Assignee: Sven Meier An IndexOutOfBoundsException occuring inside the behavior invocation is wrapped currently in a WicketRuntimeException with the message "Couldn't find component behavior". This should only be done for IndexOutOfBoundsException raised by the actual search for the behavior and not by the invocation of the behavior. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[wicket] branch wicket-8.x updated: ListenerRequestHandler no longer hides IndexOutOfBoundsException in behavior
This is an automated email from the ASF dual-hosted git repository. svenmeier pushed a commit to branch wicket-8.x in repository https://gitbox.apache.org/repos/asf/wicket.git The following commit(s) were added to refs/heads/wicket-8.x by this push: new 9df46b4cb0 ListenerRequestHandler no longer hides IndexOutOfBoundsException in behavior 9df46b4cb0 is described below commit 9df46b4cb09a564423393d78206c52abd0dfc084 Author: dr0ps AuthorDate: Fri Nov 18 17:35:03 2022 +0100 ListenerRequestHandler no longer hides IndexOutOfBoundsException in behavior --- .../apache/wicket/core/request/handler/ListenerRequestHandler.java | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/wicket-core/src/main/java/org/apache/wicket/core/request/handler/ListenerRequestHandler.java b/wicket-core/src/main/java/org/apache/wicket/core/request/handler/ListenerRequestHandler.java index 91b8b2a768..f9a6aec4ce 100644 --- a/wicket-core/src/main/java/org/apache/wicket/core/request/handler/ListenerRequestHandler.java +++ b/wicket-core/src/main/java/org/apache/wicket/core/request/handler/ListenerRequestHandler.java @@ -216,16 +216,16 @@ public class ListenerRequestHandler } else { + final Behavior behavior; try { - Behavior behavior = getComponent().getBehaviorById(behaviorId); - invoke(requestCycle, policy, ajax, getComponent(), behavior); + behavior = getComponent().getBehaviorById(behaviorId); } catch (IndexOutOfBoundsException e) { throw new WicketRuntimeException("Couldn't find component behavior.", e); } - + invoke(requestCycle, policy, ajax, getComponent(), behavior); } }
[wicket] branch wicket-9.x updated: ListenerRequestHandler no longer hides IndexOutOfBoundsException in behavior
This is an automated email from the ASF dual-hosted git repository. svenmeier pushed a commit to branch wicket-9.x in repository https://gitbox.apache.org/repos/asf/wicket.git The following commit(s) were added to refs/heads/wicket-9.x by this push: new e92a01108a ListenerRequestHandler no longer hides IndexOutOfBoundsException in behavior e92a01108a is described below commit e92a01108aa1d7667666ea82b617e3414a3a679d Author: dr0ps AuthorDate: Fri Nov 18 17:35:03 2022 +0100 ListenerRequestHandler no longer hides IndexOutOfBoundsException in behavior --- .../apache/wicket/core/request/handler/ListenerRequestHandler.java | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/wicket-core/src/main/java/org/apache/wicket/core/request/handler/ListenerRequestHandler.java b/wicket-core/src/main/java/org/apache/wicket/core/request/handler/ListenerRequestHandler.java index 80d0d5b098..5279cadb56 100644 --- a/wicket-core/src/main/java/org/apache/wicket/core/request/handler/ListenerRequestHandler.java +++ b/wicket-core/src/main/java/org/apache/wicket/core/request/handler/ListenerRequestHandler.java @@ -210,16 +210,16 @@ public class ListenerRequestHandler } else { + final Behavior behavior; try { - Behavior behavior = getComponent().getBehaviorById(behaviorId); - invoke(requestCycle, policy, ajax, getComponent(), behavior); + behavior = getComponent().getBehaviorById(behaviorId); } catch (IndexOutOfBoundsException e) { throw new WicketRuntimeException("Couldn't find component behavior.", e); } - + invoke(requestCycle, policy, ajax, getComponent(), behavior); } }
[wicket] branch master updated: ListenerRequestHandler no longer hides IndexOutOfBoundsException in behavior
This is an automated email from the ASF dual-hosted git repository. svenmeier pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/wicket.git The following commit(s) were added to refs/heads/master by this push: new 0c4b88e16a ListenerRequestHandler no longer hides IndexOutOfBoundsException in behavior 0c4b88e16a is described below commit 0c4b88e16a3ec7478fbc8f86991c6b07805ed821 Author: dr0ps AuthorDate: Fri Nov 18 17:35:03 2022 +0100 ListenerRequestHandler no longer hides IndexOutOfBoundsException in behavior --- .../apache/wicket/core/request/handler/ListenerRequestHandler.java | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/wicket-core/src/main/java/org/apache/wicket/core/request/handler/ListenerRequestHandler.java b/wicket-core/src/main/java/org/apache/wicket/core/request/handler/ListenerRequestHandler.java index 80d0d5b098..5279cadb56 100644 --- a/wicket-core/src/main/java/org/apache/wicket/core/request/handler/ListenerRequestHandler.java +++ b/wicket-core/src/main/java/org/apache/wicket/core/request/handler/ListenerRequestHandler.java @@ -210,16 +210,16 @@ public class ListenerRequestHandler } else { + final Behavior behavior; try { - Behavior behavior = getComponent().getBehaviorById(behaviorId); - invoke(requestCycle, policy, ajax, getComponent(), behavior); + behavior = getComponent().getBehaviorById(behaviorId); } catch (IndexOutOfBoundsException e) { throw new WicketRuntimeException("Couldn't find component behavior.", e); } - + invoke(requestCycle, policy, ajax, getComponent(), behavior); } }
[GitHub] [wicket] dr0ps commented on pull request #549: ListenerRequestHandler no longer hides IndexOutOfBoundsException in b…
dr0ps commented on PR #549: URL: https://github.com/apache/wicket/pull/549#issuecomment-1320263007 Previously an IndexOutOfBoundsException occuring inside the behavior invocation would be wrapped in a WicketRuntimeException with the message "Couldn't find component behavior". This should only be done for IndexOutOfBoundsException raised by the actual search for the behavior and not by the invocation of the behavior. This is fixed here. This patch should apply to at least versions 8, 9 and 10 of Wicket. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@wicket.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [wicket] dr0ps opened a new pull request, #549: ListenerRequestHandler no longer hides IndexOutOfBoundsException in b…
dr0ps opened a new pull request, #549: URL: https://github.com/apache/wicket/pull/549 …ehavior -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@wicket.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Updated] (WICKET-7016) Support GCM-SIV for page store encryption
[ https://issues.apache.org/jira/browse/WICKET-7016?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Emond Papegaaij updated WICKET-7016: Description: The current ICrypter implementation uses AES-256 with CBC. Although this is still secure, GCM is now considered a better alternative. The big plus for GCM is the fact that it is an authenticated form of encryption: the encrypted data is verified with the key using a MAC. This makes the encrypted data tamper-proof. The downside of GCM is that it fails catastrophically if the nonce is reused for a certain key. This makes it dangerous to use random nonces. GCM-SIV fixes this at the expense of a higher cost. Bouncy Castle has a good GCM-SIV implementation (the JDK does not). (was: The current ICrypter implementation uses AES-256 with CBC. Although this is still secure, GCM is now considered a better alternative. The big plus for GCM is the fact that it is an authenticated form of encryption: the encrypted data is verified with the key using a MAC. This makes the encrypted data tamper-proof. The downside of GCM is that it fails catastrophically if the nonce is reused for a certain key. This makes it dangerous to use random nonces. GCM-SIV fixes this at the expense of a slightly higher cost. Bouncy Castle has a good GCM-SIV implementation (the JDK does not).) > Support GCM-SIV for page store encryption > - > > Key: WICKET-7016 > URL: https://issues.apache.org/jira/browse/WICKET-7016 > Project: Wicket > Issue Type: Improvement > Components: wicket-core >Affects Versions: 9.12.0 >Reporter: Emond Papegaaij >Assignee: Emond Papegaaij >Priority: Minor > Fix For: 10.0.0, 9.13.0 > > > The current ICrypter implementation uses AES-256 with CBC. Although this is > still secure, GCM is now considered a better alternative. The big plus for > GCM is the fact that it is an authenticated form of encryption: the encrypted > data is verified with the key using a MAC. This makes the encrypted data > tamper-proof. The downside of GCM is that it fails catastrophically if the > nonce is reused for a certain key. This makes it dangerous to use random > nonces. GCM-SIV fixes this at the expense of a higher cost. Bouncy Castle has > a good GCM-SIV implementation (the JDK does not). -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (WICKET-7016) Support GCM-SIV for page store encryption
[ https://issues.apache.org/jira/browse/WICKET-7016?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Emond Papegaaij resolved WICKET-7016. - Fix Version/s: 10.0.0 9.13.0 Resolution: Fixed > Support GCM-SIV for page store encryption > - > > Key: WICKET-7016 > URL: https://issues.apache.org/jira/browse/WICKET-7016 > Project: Wicket > Issue Type: Improvement > Components: wicket-core >Affects Versions: 9.12.0 >Reporter: Emond Papegaaij >Assignee: Emond Papegaaij >Priority: Minor > Fix For: 10.0.0, 9.13.0 > > > The current ICrypter implementation uses AES-256 with CBC. Although this is > still secure, GCM is now considered a better alternative. The big plus for > GCM is the fact that it is an authenticated form of encryption: the encrypted > data is verified with the key using a MAC. This makes the encrypted data > tamper-proof. The downside of GCM is that it fails catastrophically if the > nonce is reused for a certain key. This makes it dangerous to use random > nonces. GCM-SIV fixes this at the expense of a slightly higher cost. Bouncy > Castle has a good GCM-SIV implementation (the JDK does not). -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (WICKET-7016) Support GCM-SIV for page store encryption
[ https://issues.apache.org/jira/browse/WICKET-7016?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17635817#comment-17635817 ] ASF subversion and git services commented on WICKET-7016: - Commit 210525f0ecd30794532b5ebebfbe677daf244517 in wicket's branch refs/heads/master from Emond Papegaaij [ https://gitbox.apache.org/repos/asf?p=wicket.git;h=210525f0ec ] WICKET-7016: Add support for AES-GCM-SIV as cipher for page store encryption > Support GCM-SIV for page store encryption > - > > Key: WICKET-7016 > URL: https://issues.apache.org/jira/browse/WICKET-7016 > Project: Wicket > Issue Type: Improvement > Components: wicket-core >Affects Versions: 9.12.0 >Reporter: Emond Papegaaij >Assignee: Emond Papegaaij >Priority: Minor > > The current ICrypter implementation uses AES-256 with CBC. Although this is > still secure, GCM is now considered a better alternative. The big plus for > GCM is the fact that it is an authenticated form of encryption: the encrypted > data is verified with the key using a MAC. This makes the encrypted data > tamper-proof. The downside of GCM is that it fails catastrophically if the > nonce is reused for a certain key. This makes it dangerous to use random > nonces. GCM-SIV fixes this at the expense of a slightly higher cost. Bouncy > Castle has a good GCM-SIV implementation (the JDK does not). -- This message was sent by Atlassian Jira (v8.20.10#820010)
[wicket] branch master updated: WICKET-7016: Add support for AES-GCM-SIV as cipher for page store encryption
This is an automated email from the ASF dual-hosted git repository. papegaaij pushed a commit to branch master in repository https://gitbox.apache.org/repos/asf/wicket.git The following commit(s) were added to refs/heads/master by this push: new 210525f0ec WICKET-7016: Add support for AES-GCM-SIV as cipher for page store encryption 210525f0ec is described below commit 210525f0ecd30794532b5ebebfbe677daf244517 Author: Emond Papegaaij AuthorDate: Fri Nov 18 11:59:31 2022 +0100 WICKET-7016: Add support for AES-GCM-SIV as cipher for page store encryption --- pom.xml| 6 ++ wicket-core/pom.xml| 5 + wicket-core/src/main/java/module-info.java | 1 + .../apache/wicket/pageStore/CryptingPageStore.java | 2 +- .../wicket/pageStore/crypt/GCMSIVCrypter.java | 107 + .../org/apache/wicket/settings/StoreSettings.java | 29 ++ .../wicket/pageStore/CryptingPageStoreTest.java| 49 -- 7 files changed, 188 insertions(+), 11 deletions(-) diff --git a/pom.xml b/pom.xml index d4dadc97f1..f07d75e49b 100644 --- a/pom.xml +++ b/pom.xml @@ -138,6 +138,7 @@ 9.2 1.9.7 3.21.0 + 1.72 1.12.2 4.1.0 3.2.2 @@ -480,6 +481,11 @@ aspectjrt ${aspectj.version} + + org.bouncycastle + bcprov-jdk18on + ${bouncycastle.version} + org.danekja jdk-serializable-functional diff --git a/wicket-core/pom.xml b/wicket-core/pom.xml index a699761976..7a606c8bf6 100644 --- a/wicket-core/pom.xml +++ b/wicket-core/pom.xml @@ -169,6 +169,11 @@ org.apache.wicket.validation.validator;-noimport:=true org.apache.wicket wicket-util + + org.bouncycastle + bcprov-jdk18on + true + org.danekja jdk-serializable-functional diff --git a/wicket-core/src/main/java/module-info.java b/wicket-core/src/main/java/module-info.java index 3ab3c7f0ed..04cc5f45c1 100644 --- a/wicket-core/src/main/java/module-info.java +++ b/wicket-core/src/main/java/module-info.java @@ -29,6 +29,7 @@ module org.apache.wicket.core { requires org.danekja.jdk.serializable.functional; requires com.github.openjson; requires org.junit.jupiter.api; +requires static org.bouncycastle.provider; provides org.apache.wicket.IInitializer with org.apache.wicket.Initializer; provides org.apache.wicket.resource.FileSystemPathService with org.apache.wicket.resource.FileSystemJarPathService; diff --git a/wicket-core/src/main/java/org/apache/wicket/pageStore/CryptingPageStore.java b/wicket-core/src/main/java/org/apache/wicket/pageStore/CryptingPageStore.java index b8e26ac9e9..32185a620b 100644 --- a/wicket-core/src/main/java/org/apache/wicket/pageStore/CryptingPageStore.java +++ b/wicket-core/src/main/java/org/apache/wicket/pageStore/CryptingPageStore.java @@ -96,7 +96,7 @@ public class CryptingPageStore extends DelegatingPageStore */ protected ICrypter newCrypter() { - return new DefaultCrypter(); + return application.getStoreSettings().getCrypter().get(); } @Override diff --git a/wicket-core/src/main/java/org/apache/wicket/pageStore/crypt/GCMSIVCrypter.java b/wicket-core/src/main/java/org/apache/wicket/pageStore/crypt/GCMSIVCrypter.java new file mode 100644 index 00..e4fff7bcc8 --- /dev/null +++ b/wicket-core/src/main/java/org/apache/wicket/pageStore/crypt/GCMSIVCrypter.java @@ -0,0 +1,107 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.wicket.pageStore.crypt; + +import java.security.AlgorithmParameters; +import
[jira] [Commented] (WICKET-7016) Support GCM-SIV for page store encryption
[ https://issues.apache.org/jira/browse/WICKET-7016?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17635814#comment-17635814 ] ASF subversion and git services commented on WICKET-7016: - Commit 7cb9c91f8f9fbdbabab900514b4306889fae8aaa in wicket's branch refs/heads/wicket-9.x from Emond Papegaaij [ https://gitbox.apache.org/repos/asf?p=wicket.git;h=7cb9c91f8f ] WICKET-7016: Add support for AES-GCM-SIV as cipher for page store encryption > Support GCM-SIV for page store encryption > - > > Key: WICKET-7016 > URL: https://issues.apache.org/jira/browse/WICKET-7016 > Project: Wicket > Issue Type: Improvement > Components: wicket-core >Affects Versions: 9.12.0 >Reporter: Emond Papegaaij >Assignee: Emond Papegaaij >Priority: Minor > > The current ICrypter implementation uses AES-256 with CBC. Although this is > still secure, GCM is now considered a better alternative. The big plus for > GCM is the fact that it is an authenticated form of encryption: the encrypted > data is verified with the key using a MAC. This makes the encrypted data > tamper-proof. The downside of GCM is that it fails catastrophically if the > nonce is reused for a certain key. This makes it dangerous to use random > nonces. GCM-SIV fixes this at the expense of a slightly higher cost. Bouncy > Castle has a good GCM-SIV implementation (the JDK does not). -- This message was sent by Atlassian Jira (v8.20.10#820010)
[wicket] branch wicket-9.x updated: WICKET-7016: Add support for AES-GCM-SIV as cipher for page store encryption
This is an automated email from the ASF dual-hosted git repository. papegaaij pushed a commit to branch wicket-9.x in repository https://gitbox.apache.org/repos/asf/wicket.git The following commit(s) were added to refs/heads/wicket-9.x by this push: new 7cb9c91f8f WICKET-7016: Add support for AES-GCM-SIV as cipher for page store encryption 7cb9c91f8f is described below commit 7cb9c91f8f9fbdbabab900514b4306889fae8aaa Author: Emond Papegaaij AuthorDate: Fri Nov 18 11:59:31 2022 +0100 WICKET-7016: Add support for AES-GCM-SIV as cipher for page store encryption --- pom.xml| 6 ++ wicket-core/pom.xml| 5 + wicket-core/src/main/java/module-info.java | 1 + .../apache/wicket/pageStore/CryptingPageStore.java | 2 +- .../wicket/pageStore/crypt/GCMSIVCrypter.java | 107 + .../org/apache/wicket/settings/StoreSettings.java | 29 ++ .../wicket/pageStore/CryptingPageStoreTest.java| 49 -- 7 files changed, 188 insertions(+), 11 deletions(-) diff --git a/pom.xml b/pom.xml index ba1e928ddf..ca2ad83798 100644 --- a/pom.xml +++ b/pom.xml @@ -137,6 +137,7 @@ 9.1 1.9.6 3.19.0 + 1.72 4.1.0 3.3.0 1.11.12 @@ -483,6 +484,11 @@ aspectjrt ${aspectj.version} + + org.bouncycastle + bcprov-jdk18on + ${bouncycastle.version} + org.danekja jdk-serializable-functional diff --git a/wicket-core/pom.xml b/wicket-core/pom.xml index 30133d97d8..e563553fcc 100644 --- a/wicket-core/pom.xml +++ b/wicket-core/pom.xml @@ -168,6 +168,11 @@ org.apache.wicket.validation.validator;-noimport:=true org.apache.wicket wicket-util + + org.bouncycastle + bcprov-jdk18on + true + org.danekja jdk-serializable-functional diff --git a/wicket-core/src/main/java/module-info.java b/wicket-core/src/main/java/module-info.java index de5f4bb89f..d9af7a5ead 100644 --- a/wicket-core/src/main/java/module-info.java +++ b/wicket-core/src/main/java/module-info.java @@ -29,6 +29,7 @@ module org.apache.wicket.core { requires org.danekja.jdk.serializable.functional; requires com.github.openjson; requires org.junit.jupiter.api; +requires static org.bouncycastle.provider; provides org.apache.wicket.IInitializer with org.apache.wicket.Initializer; provides org.apache.wicket.resource.FileSystemPathService with org.apache.wicket.resource.FileSystemJarPathService; diff --git a/wicket-core/src/main/java/org/apache/wicket/pageStore/CryptingPageStore.java b/wicket-core/src/main/java/org/apache/wicket/pageStore/CryptingPageStore.java index b8e26ac9e9..32185a620b 100644 --- a/wicket-core/src/main/java/org/apache/wicket/pageStore/CryptingPageStore.java +++ b/wicket-core/src/main/java/org/apache/wicket/pageStore/CryptingPageStore.java @@ -96,7 +96,7 @@ public class CryptingPageStore extends DelegatingPageStore */ protected ICrypter newCrypter() { - return new DefaultCrypter(); + return application.getStoreSettings().getCrypter().get(); } @Override diff --git a/wicket-core/src/main/java/org/apache/wicket/pageStore/crypt/GCMSIVCrypter.java b/wicket-core/src/main/java/org/apache/wicket/pageStore/crypt/GCMSIVCrypter.java new file mode 100644 index 00..e4fff7bcc8 --- /dev/null +++ b/wicket-core/src/main/java/org/apache/wicket/pageStore/crypt/GCMSIVCrypter.java @@ -0,0 +1,107 @@ +/* + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed with + * this work for additional information regarding copyright ownership. + * The ASF licenses this file to You under the Apache License, Version 2.0 + * (the "License"); you may not use this file except in compliance with + * the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ +package org.apache.wicket.pageStore.crypt; + +import java.security.AlgorithmParameters; +import
[jira] [Assigned] (WICKET-7016) Support GCM-SIV for page store encryption
[ https://issues.apache.org/jira/browse/WICKET-7016?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Emond Papegaaij reassigned WICKET-7016: --- Assignee: Emond Papegaaij > Support GCM-SIV for page store encryption > - > > Key: WICKET-7016 > URL: https://issues.apache.org/jira/browse/WICKET-7016 > Project: Wicket > Issue Type: Improvement > Components: wicket-core >Affects Versions: 9.12.0 >Reporter: Emond Papegaaij >Assignee: Emond Papegaaij >Priority: Minor > > The current ICrypter implementation uses AES-256 with CBC. Although this is > still secure, GCM is now considered a better alternative. The big plus for > GCM is the fact that it is an authenticated form of encryption: the encrypted > data is verified with the key using a MAC. This makes the encrypted data > tamper-proof. The downside of GCM is that it fails catastrophically if the > nonce is reused for a certain key. This makes it dangerous to use random > nonces. GCM-SIV fixes this at the expense of a slightly higher cost. Bouncy > Castle has a good GCM-SIV implementation (the JDK does not). -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (WICKET-7016) Support GCM-SIV for page store encryption
Emond Papegaaij created WICKET-7016: --- Summary: Support GCM-SIV for page store encryption Key: WICKET-7016 URL: https://issues.apache.org/jira/browse/WICKET-7016 Project: Wicket Issue Type: Improvement Components: wicket-core Affects Versions: 9.12.0 Reporter: Emond Papegaaij The current ICrypter implementation uses AES-256 with CBC. Although this is still secure, GCM is now considered a better alternative. The big plus for GCM is the fact that it is an authenticated form of encryption: the encrypted data is verified with the key using a MAC. This makes the encrypted data tamper-proof. The downside of GCM is that it fails catastrophically if the nonce is reused for a certain key. This makes it dangerous to use random nonces. GCM-SIV fixes this at the expense of a slightly higher cost. Bouncy Castle has a good GCM-SIV implementation (the JDK does not). -- This message was sent by Atlassian Jira (v8.20.10#820010)