Add the hybrid cryptosystem support #32
Conversation
|
@paragonie-scott do you have time for a quick review? Thanks! |
| @@ -0,0 +1,119 @@ | |||
| # Encrypt and decrypt using hybrid cryptosystem | |||
|
|
|||
There was a problem hiding this comment.
Add a note here along the lines of - Since 3.1.0
|
This looks good. It's essentially what EasyRSA tries to provide. Since this is a new feature, I'd definitely advise forcing the use of OAEP. |
|
@paragonie-scott thanks for your feedback! You right, I always forget OAEP :) |
| @@ -0,0 +1,119 @@ | |||
| # Encrypt and decrypt using hybrid cryptosystem | |||
|
|
|||
| Hybrid is an encryption mode that uses symmetric and public keys ciphers together. | |||
| * The data are encrypted using a BlockCipher with a random session key | ||
| * that is encrypted using RSA with the public key of the receiver. | ||
| * The decryption process retrieves the session key using RSA with the private | ||
| * key of the receiver and decrypt the data using the BlockCipher. |
|
Overall, relatively straight-forward, and the code was mostly easy to follow. Nice feature, @ezimuel ! |
|
@paragonie-scott Btw, we already use OAEP as default padding for encryption using RSA, since zend-crypt 2.4.9 as reported in ZF2015-10. |
|
@weierophinney I included all the proposed changes. It's ready to be merged, thanks! |
| @@ -11,6 +11,7 @@ tmp/ | |||
| zf-mkdoc-theme/ | |||
|
|
|||
| clover.xml | |||
| composer.lock | |||
There was a problem hiding this comment.
This should be removed; the travis setup uses the lowest/locked/latest strategy, so the file needs to be present. I'll re-add it on merge.
Add the hybrid cryptosystem support
|
Thanks for the great feature, @ezimuel! |
This PR adds the hybrid cryptosystem support (OpenPGP like). It allows also multiple encryptions using a keyrings of public/private keys. This can be useful in multi users scenarios to encrypt data only for specific users.