aws-samples / aws-kms-jce

The AWS KMS JCE Provider software library for Java is a vendor implementation for the Sun Java JCE (Java Cryptography Extension) provider framework with a focus on using asymmetric keys to sign and verify. This includes implementations for interfaces and engine classes in the JCA (Java Cryptography Architecture) standard.
MIT No Attribution

kms jce for asymmetric encryption/decryption #4

Open oscarsan opened 1 year ago

oscarsan commented 1 year ago

Do you have any plans for implementing the encryption/decryption side of the JCE API using AWS KMS?

grandamp commented 1 year ago

Howdy,

The tests only appear to support signatures, but key encipherment using RSA could be done with a little work.

I would also like to be able to encrypt/decrypt using a symmetric key, i.e., AES-256-GCM.

I've tested RSA-PSS signatures for JWTs using this code via Spring Boot.

Initially, I was having problems with any PS256, PS384, and PS512 signature.

I have a pull request to remove Lombok, bump the AWS Java 2 SDK, and fix RSA-PSS signatures.

If this repo is not dormant, the tests could be improved using the AWS Java 2 SDK to create, use, and delete the key material needed via AWS CLI credentials (or other AWS credential playbook).