Skip to content

Commit

Permalink
use by default ECDH algo for encrypting keys
Browse files Browse the repository at this point in the history
  • Loading branch information
max402 committed Nov 28, 2023
1 parent cae3f85 commit e2199b3
Show file tree
Hide file tree
Showing 2 changed files with 14 additions and 6 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -45,26 +45,26 @@ public static class SecretKeyCreationCfg {
public static class EncryptingKeyCreationCfg {

@Builder.Default
private final String algo = "RSA";
private final String algo = "ECDH";

@Builder.Default
private final int size = 2048;
private final int size = 256;

@Builder.Default
private final String sigAlgo = "SHA256withRSA";
private final String sigAlgo = "SHA256withECDSA";
}

@Getter
@Builder
public static class SigningKeyCreationCfg {

@Builder.Default
private final String algo = "RSA";
private final String algo = "ECDH";

@Builder.Default
private final int size = 2048;
private final int size = 256;

@Builder.Default
private final String sigAlgo = "SHA256withRSA";
private final String sigAlgo = "SHA256withECDSA";
}
}
8 changes: 8 additions & 0 deletions datasafe-rest-impl/src/main/resources/application.properties
Original file line number Diff line number Diff line change
Expand Up @@ -36,3 +36,11 @@ datasafe.encryption.keystore.pbkdf.scrypt.parallelization=1
datasafe.encryption.keystore.pbkdf.scrypt.saltLength=16
datasafe.encryption.keystore.macAlgo=HmacSHA3_512
datasafe.encryption.cms.algo=AES256_GCM

#datasafe.encryption.keys.encrypting.algo=RSA
#datasafe.encryption.keys.encrypting.size=4096
#datasafe.encryption.keys.encrypting.sigAlgo=SHA256withRSA

#datasafe.encryption.keys.signing.algo=RSA
#datasafe.encryption.keys.signing.size=4096
#datasafe.encryption.keys.signing.sigAlgo=SHA256withRSA

0 comments on commit e2199b3

Please sign in to comment.