[GitHub] [wicket] svenmeier commented on pull request #549: ListenerRequestHandler no longer hides IndexOutOfBoundsException in b…
svenmeier commented on PR #549: URL: https://github.com/apache/wicket/pull/549#issuecomment-1320392005 Thanks! -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@wicket.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Resolved] (WICKET-7017) ListenerRequestHandler should not hide IndexOutOfBoundsException
[ https://issues.apache.org/jira/browse/WICKET-7017?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Sven Meier resolved WICKET-7017. Fix Version/s: 10.0.0 8.15.0 9.13.0 Resolution: Fixed See https://github.com/apache/wicket/pull/549 > ListenerRequestHandler should not hide IndexOutOfBoundsException > > > Key: WICKET-7017 > URL: https://issues.apache.org/jira/browse/WICKET-7017 > Project: Wicket > Issue Type: Improvement > Components: wicket >Affects Versions: 10.0.0, 8.14.0, 9.12.0 >Reporter: Sven Meier >Assignee: Sven Meier >Priority: Minor > Fix For: 10.0.0, 8.15.0, 9.13.0 > > > An IndexOutOfBoundsException occuring inside the behavior invocation is > wrapped currently in a WicketRuntimeException with the message "Couldn't find > component behavior". > This should only be done for IndexOutOfBoundsException raised by the actual > search for the behavior and not by the invocation of the behavior. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (WICKET-7017) ListenerRequestHandler should not hide IndexOutOfBoundsException
Sven Meier created WICKET-7017: -- Summary: ListenerRequestHandler should not hide IndexOutOfBoundsException Key: WICKET-7017 URL: https://issues.apache.org/jira/browse/WICKET-7017 Project: Wicket Issue Type: Improvement Components: wicket Affects Versions: 9.12.0, 8.14.0, 10.0.0 Reporter: Sven Meier Assignee: Sven Meier An IndexOutOfBoundsException occuring inside the behavior invocation is wrapped currently in a WicketRuntimeException with the message "Couldn't find component behavior". This should only be done for IndexOutOfBoundsException raised by the actual search for the behavior and not by the invocation of the behavior. -- This message was sent by Atlassian Jira (v8.20.10#820010)
[wicket] branch wicket-8.x updated: ListenerRequestHandler no longer hides IndexOutOfBoundsException in behavior
This is an automated email from the ASF dual-hosted git repository.
svenmeier pushed a commit to branch wicket-8.x
in repository https://gitbox.apache.org/repos/asf/wicket.git
The following commit(s) were added to refs/heads/wicket-8.x by this push:
new 9df46b4cb0 ListenerRequestHandler no longer hides
IndexOutOfBoundsException in behavior
9df46b4cb0 is described below
commit 9df46b4cb09a564423393d78206c52abd0dfc084
Author: dr0ps
AuthorDate: Fri Nov 18 17:35:03 2022 +0100
ListenerRequestHandler no longer hides IndexOutOfBoundsException in behavior
---
.../apache/wicket/core/request/handler/ListenerRequestHandler.java | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git
a/wicket-core/src/main/java/org/apache/wicket/core/request/handler/ListenerRequestHandler.java
b/wicket-core/src/main/java/org/apache/wicket/core/request/handler/ListenerRequestHandler.java
index 91b8b2a768..f9a6aec4ce 100644
---
a/wicket-core/src/main/java/org/apache/wicket/core/request/handler/ListenerRequestHandler.java
+++
b/wicket-core/src/main/java/org/apache/wicket/core/request/handler/ListenerRequestHandler.java
@@ -216,16 +216,16 @@ public class ListenerRequestHandler
}
else
{
+ final Behavior behavior;
try
{
- Behavior behavior =
getComponent().getBehaviorById(behaviorId);
- invoke(requestCycle, policy, ajax,
getComponent(), behavior);
+ behavior =
getComponent().getBehaviorById(behaviorId);
}
catch (IndexOutOfBoundsException e)
{
throw new WicketRuntimeException("Couldn't find
component behavior.", e);
}
-
+ invoke(requestCycle, policy, ajax, getComponent(),
behavior);
}
}
[wicket] branch wicket-9.x updated: ListenerRequestHandler no longer hides IndexOutOfBoundsException in behavior
This is an automated email from the ASF dual-hosted git repository.
svenmeier pushed a commit to branch wicket-9.x
in repository https://gitbox.apache.org/repos/asf/wicket.git
The following commit(s) were added to refs/heads/wicket-9.x by this push:
new e92a01108a ListenerRequestHandler no longer hides
IndexOutOfBoundsException in behavior
e92a01108a is described below
commit e92a01108aa1d7667666ea82b617e3414a3a679d
Author: dr0ps
AuthorDate: Fri Nov 18 17:35:03 2022 +0100
ListenerRequestHandler no longer hides IndexOutOfBoundsException in behavior
---
.../apache/wicket/core/request/handler/ListenerRequestHandler.java | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git
a/wicket-core/src/main/java/org/apache/wicket/core/request/handler/ListenerRequestHandler.java
b/wicket-core/src/main/java/org/apache/wicket/core/request/handler/ListenerRequestHandler.java
index 80d0d5b098..5279cadb56 100644
---
a/wicket-core/src/main/java/org/apache/wicket/core/request/handler/ListenerRequestHandler.java
+++
b/wicket-core/src/main/java/org/apache/wicket/core/request/handler/ListenerRequestHandler.java
@@ -210,16 +210,16 @@ public class ListenerRequestHandler
}
else
{
+ final Behavior behavior;
try
{
- Behavior behavior =
getComponent().getBehaviorById(behaviorId);
- invoke(requestCycle, policy, ajax,
getComponent(), behavior);
+ behavior =
getComponent().getBehaviorById(behaviorId);
}
catch (IndexOutOfBoundsException e)
{
throw new WicketRuntimeException("Couldn't find
component behavior.", e);
}
-
+ invoke(requestCycle, policy, ajax, getComponent(),
behavior);
}
}
[wicket] branch master updated: ListenerRequestHandler no longer hides IndexOutOfBoundsException in behavior
This is an automated email from the ASF dual-hosted git repository.
svenmeier pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/wicket.git
The following commit(s) were added to refs/heads/master by this push:
new 0c4b88e16a ListenerRequestHandler no longer hides
IndexOutOfBoundsException in behavior
0c4b88e16a is described below
commit 0c4b88e16a3ec7478fbc8f86991c6b07805ed821
Author: dr0ps
AuthorDate: Fri Nov 18 17:35:03 2022 +0100
ListenerRequestHandler no longer hides IndexOutOfBoundsException in behavior
---
.../apache/wicket/core/request/handler/ListenerRequestHandler.java | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git
a/wicket-core/src/main/java/org/apache/wicket/core/request/handler/ListenerRequestHandler.java
b/wicket-core/src/main/java/org/apache/wicket/core/request/handler/ListenerRequestHandler.java
index 80d0d5b098..5279cadb56 100644
---
a/wicket-core/src/main/java/org/apache/wicket/core/request/handler/ListenerRequestHandler.java
+++
b/wicket-core/src/main/java/org/apache/wicket/core/request/handler/ListenerRequestHandler.java
@@ -210,16 +210,16 @@ public class ListenerRequestHandler
}
else
{
+ final Behavior behavior;
try
{
- Behavior behavior =
getComponent().getBehaviorById(behaviorId);
- invoke(requestCycle, policy, ajax,
getComponent(), behavior);
+ behavior =
getComponent().getBehaviorById(behaviorId);
}
catch (IndexOutOfBoundsException e)
{
throw new WicketRuntimeException("Couldn't find
component behavior.", e);
}
-
+ invoke(requestCycle, policy, ajax, getComponent(),
behavior);
}
}
[GitHub] [wicket] dr0ps commented on pull request #549: ListenerRequestHandler no longer hides IndexOutOfBoundsException in b…
dr0ps commented on PR #549: URL: https://github.com/apache/wicket/pull/549#issuecomment-1320263007 Previously an IndexOutOfBoundsException occuring inside the behavior invocation would be wrapped in a WicketRuntimeException with the message "Couldn't find component behavior". This should only be done for IndexOutOfBoundsException raised by the actual search for the behavior and not by the invocation of the behavior. This is fixed here. This patch should apply to at least versions 8, 9 and 10 of Wicket. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@wicket.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [wicket] dr0ps opened a new pull request, #549: ListenerRequestHandler no longer hides IndexOutOfBoundsException in b…
dr0ps opened a new pull request, #549: URL: https://github.com/apache/wicket/pull/549 …ehavior -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@wicket.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[jira] [Updated] (WICKET-7016) Support GCM-SIV for page store encryption
[ https://issues.apache.org/jira/browse/WICKET-7016?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Emond Papegaaij updated WICKET-7016: Description: The current ICrypter implementation uses AES-256 with CBC. Although this is still secure, GCM is now considered a better alternative. The big plus for GCM is the fact that it is an authenticated form of encryption: the encrypted data is verified with the key using a MAC. This makes the encrypted data tamper-proof. The downside of GCM is that it fails catastrophically if the nonce is reused for a certain key. This makes it dangerous to use random nonces. GCM-SIV fixes this at the expense of a higher cost. Bouncy Castle has a good GCM-SIV implementation (the JDK does not). (was: The current ICrypter implementation uses AES-256 with CBC. Although this is still secure, GCM is now considered a better alternative. The big plus for GCM is the fact that it is an authenticated form of encryption: the encrypted data is verified with the key using a MAC. This makes the encrypted data tamper-proof. The downside of GCM is that it fails catastrophically if the nonce is reused for a certain key. This makes it dangerous to use random nonces. GCM-SIV fixes this at the expense of a slightly higher cost. Bouncy Castle has a good GCM-SIV implementation (the JDK does not).) > Support GCM-SIV for page store encryption > - > > Key: WICKET-7016 > URL: https://issues.apache.org/jira/browse/WICKET-7016 > Project: Wicket > Issue Type: Improvement > Components: wicket-core >Affects Versions: 9.12.0 >Reporter: Emond Papegaaij >Assignee: Emond Papegaaij >Priority: Minor > Fix For: 10.0.0, 9.13.0 > > > The current ICrypter implementation uses AES-256 with CBC. Although this is > still secure, GCM is now considered a better alternative. The big plus for > GCM is the fact that it is an authenticated form of encryption: the encrypted > data is verified with the key using a MAC. This makes the encrypted data > tamper-proof. The downside of GCM is that it fails catastrophically if the > nonce is reused for a certain key. This makes it dangerous to use random > nonces. GCM-SIV fixes this at the expense of a higher cost. Bouncy Castle has > a good GCM-SIV implementation (the JDK does not). -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Resolved] (WICKET-7016) Support GCM-SIV for page store encryption
[ https://issues.apache.org/jira/browse/WICKET-7016?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Emond Papegaaij resolved WICKET-7016. - Fix Version/s: 10.0.0 9.13.0 Resolution: Fixed > Support GCM-SIV for page store encryption > - > > Key: WICKET-7016 > URL: https://issues.apache.org/jira/browse/WICKET-7016 > Project: Wicket > Issue Type: Improvement > Components: wicket-core >Affects Versions: 9.12.0 >Reporter: Emond Papegaaij >Assignee: Emond Papegaaij >Priority: Minor > Fix For: 10.0.0, 9.13.0 > > > The current ICrypter implementation uses AES-256 with CBC. Although this is > still secure, GCM is now considered a better alternative. The big plus for > GCM is the fact that it is an authenticated form of encryption: the encrypted > data is verified with the key using a MAC. This makes the encrypted data > tamper-proof. The downside of GCM is that it fails catastrophically if the > nonce is reused for a certain key. This makes it dangerous to use random > nonces. GCM-SIV fixes this at the expense of a slightly higher cost. Bouncy > Castle has a good GCM-SIV implementation (the JDK does not). -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Commented] (WICKET-7016) Support GCM-SIV for page store encryption
[ https://issues.apache.org/jira/browse/WICKET-7016?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17635817#comment-17635817 ] ASF subversion and git services commented on WICKET-7016: - Commit 210525f0ecd30794532b5ebebfbe677daf244517 in wicket's branch refs/heads/master from Emond Papegaaij [ https://gitbox.apache.org/repos/asf?p=wicket.git;h=210525f0ec ] WICKET-7016: Add support for AES-GCM-SIV as cipher for page store encryption > Support GCM-SIV for page store encryption > - > > Key: WICKET-7016 > URL: https://issues.apache.org/jira/browse/WICKET-7016 > Project: Wicket > Issue Type: Improvement > Components: wicket-core >Affects Versions: 9.12.0 >Reporter: Emond Papegaaij >Assignee: Emond Papegaaij >Priority: Minor > > The current ICrypter implementation uses AES-256 with CBC. Although this is > still secure, GCM is now considered a better alternative. The big plus for > GCM is the fact that it is an authenticated form of encryption: the encrypted > data is verified with the key using a MAC. This makes the encrypted data > tamper-proof. The downside of GCM is that it fails catastrophically if the > nonce is reused for a certain key. This makes it dangerous to use random > nonces. GCM-SIV fixes this at the expense of a slightly higher cost. Bouncy > Castle has a good GCM-SIV implementation (the JDK does not). -- This message was sent by Atlassian Jira (v8.20.10#820010)
[wicket] branch master updated: WICKET-7016: Add support for AES-GCM-SIV as cipher for page store encryption
This is an automated email from the ASF dual-hosted git repository.
papegaaij pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/wicket.git
The following commit(s) were added to refs/heads/master by this push:
new 210525f0ec WICKET-7016: Add support for AES-GCM-SIV as cipher for page
store encryption
210525f0ec is described below
commit 210525f0ecd30794532b5ebebfbe677daf244517
Author: Emond Papegaaij
AuthorDate: Fri Nov 18 11:59:31 2022 +0100
WICKET-7016: Add support for AES-GCM-SIV as cipher for page store encryption
---
pom.xml| 6 ++
wicket-core/pom.xml| 5 +
wicket-core/src/main/java/module-info.java | 1 +
.../apache/wicket/pageStore/CryptingPageStore.java | 2 +-
.../wicket/pageStore/crypt/GCMSIVCrypter.java | 107 +
.../org/apache/wicket/settings/StoreSettings.java | 29 ++
.../wicket/pageStore/CryptingPageStoreTest.java| 49 --
7 files changed, 188 insertions(+), 11 deletions(-)
diff --git a/pom.xml b/pom.xml
index d4dadc97f1..f07d75e49b 100644
--- a/pom.xml
+++ b/pom.xml
@@ -138,6 +138,7 @@
9.2
1.9.7
3.21.0
+ 1.72
1.12.2
4.1.0
3.2.2
@@ -480,6 +481,11 @@
aspectjrt
${aspectj.version}
+
+ org.bouncycastle
+ bcprov-jdk18on
+ ${bouncycastle.version}
+
org.danekja
jdk-serializable-functional
diff --git a/wicket-core/pom.xml b/wicket-core/pom.xml
index a699761976..7a606c8bf6 100644
--- a/wicket-core/pom.xml
+++ b/wicket-core/pom.xml
@@ -169,6 +169,11 @@ org.apache.wicket.validation.validator;-noimport:=true
org.apache.wicket
wicket-util
+
+ org.bouncycastle
+ bcprov-jdk18on
+ true
+
org.danekja
jdk-serializable-functional
diff --git a/wicket-core/src/main/java/module-info.java
b/wicket-core/src/main/java/module-info.java
index 3ab3c7f0ed..04cc5f45c1 100644
--- a/wicket-core/src/main/java/module-info.java
+++ b/wicket-core/src/main/java/module-info.java
@@ -29,6 +29,7 @@ module org.apache.wicket.core {
requires org.danekja.jdk.serializable.functional;
requires com.github.openjson;
requires org.junit.jupiter.api;
+requires static org.bouncycastle.provider;
provides org.apache.wicket.IInitializer with org.apache.wicket.Initializer;
provides org.apache.wicket.resource.FileSystemPathService with
org.apache.wicket.resource.FileSystemJarPathService;
diff --git
a/wicket-core/src/main/java/org/apache/wicket/pageStore/CryptingPageStore.java
b/wicket-core/src/main/java/org/apache/wicket/pageStore/CryptingPageStore.java
index b8e26ac9e9..32185a620b 100644
---
a/wicket-core/src/main/java/org/apache/wicket/pageStore/CryptingPageStore.java
+++
b/wicket-core/src/main/java/org/apache/wicket/pageStore/CryptingPageStore.java
@@ -96,7 +96,7 @@ public class CryptingPageStore extends DelegatingPageStore
*/
protected ICrypter newCrypter()
{
- return new DefaultCrypter();
+ return application.getStoreSettings().getCrypter().get();
}
@Override
diff --git
a/wicket-core/src/main/java/org/apache/wicket/pageStore/crypt/GCMSIVCrypter.java
b/wicket-core/src/main/java/org/apache/wicket/pageStore/crypt/GCMSIVCrypter.java
new file mode 100644
index 00..e4fff7bcc8
--- /dev/null
+++
b/wicket-core/src/main/java/org/apache/wicket/pageStore/crypt/GCMSIVCrypter.java
@@ -0,0 +1,107 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.wicket.pageStore.crypt;
+
+import java.security.AlgorithmParameters;
+import
[jira] [Commented] (WICKET-7016) Support GCM-SIV for page store encryption
[ https://issues.apache.org/jira/browse/WICKET-7016?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17635814#comment-17635814 ] ASF subversion and git services commented on WICKET-7016: - Commit 7cb9c91f8f9fbdbabab900514b4306889fae8aaa in wicket's branch refs/heads/wicket-9.x from Emond Papegaaij [ https://gitbox.apache.org/repos/asf?p=wicket.git;h=7cb9c91f8f ] WICKET-7016: Add support for AES-GCM-SIV as cipher for page store encryption > Support GCM-SIV for page store encryption > - > > Key: WICKET-7016 > URL: https://issues.apache.org/jira/browse/WICKET-7016 > Project: Wicket > Issue Type: Improvement > Components: wicket-core >Affects Versions: 9.12.0 >Reporter: Emond Papegaaij >Assignee: Emond Papegaaij >Priority: Minor > > The current ICrypter implementation uses AES-256 with CBC. Although this is > still secure, GCM is now considered a better alternative. The big plus for > GCM is the fact that it is an authenticated form of encryption: the encrypted > data is verified with the key using a MAC. This makes the encrypted data > tamper-proof. The downside of GCM is that it fails catastrophically if the > nonce is reused for a certain key. This makes it dangerous to use random > nonces. GCM-SIV fixes this at the expense of a slightly higher cost. Bouncy > Castle has a good GCM-SIV implementation (the JDK does not). -- This message was sent by Atlassian Jira (v8.20.10#820010)
[wicket] branch wicket-9.x updated: WICKET-7016: Add support for AES-GCM-SIV as cipher for page store encryption
This is an automated email from the ASF dual-hosted git repository.
papegaaij pushed a commit to branch wicket-9.x
in repository https://gitbox.apache.org/repos/asf/wicket.git
The following commit(s) were added to refs/heads/wicket-9.x by this push:
new 7cb9c91f8f WICKET-7016: Add support for AES-GCM-SIV as cipher for page
store encryption
7cb9c91f8f is described below
commit 7cb9c91f8f9fbdbabab900514b4306889fae8aaa
Author: Emond Papegaaij
AuthorDate: Fri Nov 18 11:59:31 2022 +0100
WICKET-7016: Add support for AES-GCM-SIV as cipher for page store encryption
---
pom.xml| 6 ++
wicket-core/pom.xml| 5 +
wicket-core/src/main/java/module-info.java | 1 +
.../apache/wicket/pageStore/CryptingPageStore.java | 2 +-
.../wicket/pageStore/crypt/GCMSIVCrypter.java | 107 +
.../org/apache/wicket/settings/StoreSettings.java | 29 ++
.../wicket/pageStore/CryptingPageStoreTest.java| 49 --
7 files changed, 188 insertions(+), 11 deletions(-)
diff --git a/pom.xml b/pom.xml
index ba1e928ddf..ca2ad83798 100644
--- a/pom.xml
+++ b/pom.xml
@@ -137,6 +137,7 @@
9.1
1.9.6
3.19.0
+ 1.72
4.1.0
3.3.0
1.11.12
@@ -483,6 +484,11 @@
aspectjrt
${aspectj.version}
+
+ org.bouncycastle
+ bcprov-jdk18on
+ ${bouncycastle.version}
+
org.danekja
jdk-serializable-functional
diff --git a/wicket-core/pom.xml b/wicket-core/pom.xml
index 30133d97d8..e563553fcc 100644
--- a/wicket-core/pom.xml
+++ b/wicket-core/pom.xml
@@ -168,6 +168,11 @@ org.apache.wicket.validation.validator;-noimport:=true
org.apache.wicket
wicket-util
+
+ org.bouncycastle
+ bcprov-jdk18on
+ true
+
org.danekja
jdk-serializable-functional
diff --git a/wicket-core/src/main/java/module-info.java
b/wicket-core/src/main/java/module-info.java
index de5f4bb89f..d9af7a5ead 100644
--- a/wicket-core/src/main/java/module-info.java
+++ b/wicket-core/src/main/java/module-info.java
@@ -29,6 +29,7 @@ module org.apache.wicket.core {
requires org.danekja.jdk.serializable.functional;
requires com.github.openjson;
requires org.junit.jupiter.api;
+requires static org.bouncycastle.provider;
provides org.apache.wicket.IInitializer with org.apache.wicket.Initializer;
provides org.apache.wicket.resource.FileSystemPathService with
org.apache.wicket.resource.FileSystemJarPathService;
diff --git
a/wicket-core/src/main/java/org/apache/wicket/pageStore/CryptingPageStore.java
b/wicket-core/src/main/java/org/apache/wicket/pageStore/CryptingPageStore.java
index b8e26ac9e9..32185a620b 100644
---
a/wicket-core/src/main/java/org/apache/wicket/pageStore/CryptingPageStore.java
+++
b/wicket-core/src/main/java/org/apache/wicket/pageStore/CryptingPageStore.java
@@ -96,7 +96,7 @@ public class CryptingPageStore extends DelegatingPageStore
*/
protected ICrypter newCrypter()
{
- return new DefaultCrypter();
+ return application.getStoreSettings().getCrypter().get();
}
@Override
diff --git
a/wicket-core/src/main/java/org/apache/wicket/pageStore/crypt/GCMSIVCrypter.java
b/wicket-core/src/main/java/org/apache/wicket/pageStore/crypt/GCMSIVCrypter.java
new file mode 100644
index 00..e4fff7bcc8
--- /dev/null
+++
b/wicket-core/src/main/java/org/apache/wicket/pageStore/crypt/GCMSIVCrypter.java
@@ -0,0 +1,107 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to You under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package org.apache.wicket.pageStore.crypt;
+
+import java.security.AlgorithmParameters;
+import
[jira] [Assigned] (WICKET-7016) Support GCM-SIV for page store encryption
[ https://issues.apache.org/jira/browse/WICKET-7016?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Emond Papegaaij reassigned WICKET-7016: --- Assignee: Emond Papegaaij > Support GCM-SIV for page store encryption > - > > Key: WICKET-7016 > URL: https://issues.apache.org/jira/browse/WICKET-7016 > Project: Wicket > Issue Type: Improvement > Components: wicket-core >Affects Versions: 9.12.0 >Reporter: Emond Papegaaij >Assignee: Emond Papegaaij >Priority: Minor > > The current ICrypter implementation uses AES-256 with CBC. Although this is > still secure, GCM is now considered a better alternative. The big plus for > GCM is the fact that it is an authenticated form of encryption: the encrypted > data is verified with the key using a MAC. This makes the encrypted data > tamper-proof. The downside of GCM is that it fails catastrophically if the > nonce is reused for a certain key. This makes it dangerous to use random > nonces. GCM-SIV fixes this at the expense of a slightly higher cost. Bouncy > Castle has a good GCM-SIV implementation (the JDK does not). -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Created] (WICKET-7016) Support GCM-SIV for page store encryption
Emond Papegaaij created WICKET-7016: --- Summary: Support GCM-SIV for page store encryption Key: WICKET-7016 URL: https://issues.apache.org/jira/browse/WICKET-7016 Project: Wicket Issue Type: Improvement Components: wicket-core Affects Versions: 9.12.0 Reporter: Emond Papegaaij The current ICrypter implementation uses AES-256 with CBC. Although this is still secure, GCM is now considered a better alternative. The big plus for GCM is the fact that it is an authenticated form of encryption: the encrypted data is verified with the key using a MAC. This makes the encrypted data tamper-proof. The downside of GCM is that it fails catastrophically if the nonce is reused for a certain key. This makes it dangerous to use random nonces. GCM-SIV fixes this at the expense of a slightly higher cost. Bouncy Castle has a good GCM-SIV implementation (the JDK does not). -- This message was sent by Atlassian Jira (v8.20.10#820010)
