age crypto via kage, verified against the CCTV scrypt vectors

Milestone 6. kage 0.4.0 over Jagged: Android-first (explicitly supports
API 26, matching minSdk), Kotlin, ships its own primitives through
BouncyCastle instead of relying on JCA ChaCha20-Poly1305 which Android
only provides from API 28. AgeBackupCrypto sits behind the same
BackupCrypto interface as the JCE baseline; age is now first in all()
so new encrypted backups are written as binary age v1 files,
decryptable anywhere with 'age -d' (decision #7). Old MDS1/JCE backups
keep decrypting via format auto-detection. The C2SP/CCTV scrypt vector
subset (19 files) is vendored into test resources: both success
vectors decrypt with matching payload SHA-256, all 17 failure vectors
are rejected.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
This commit is contained in:
Ole-Morten Duesund 2026-06-10 14:00:34 +02:00
commit c66bee5cf0
25 changed files with 245 additions and 2 deletions

View file

@ -15,6 +15,7 @@ work = "2.11.2"
okhttp = "5.4.0"
coroutines = "1.11.0"
serializationJson = "1.11.0"
kage = "0.4.0"
junit = "4.13.2"
[libraries]
@ -33,6 +34,7 @@ work-runtime = { group = "androidx.work", name = "work-runtime", version.ref = "
okhttp = { group = "com.squareup.okhttp3", name = "okhttp", version.ref = "okhttp" }
kotlinx-coroutines-android = { group = "org.jetbrains.kotlinx", name = "kotlinx-coroutines-android", version.ref = "coroutines" }
kotlinx-serialization-json = { group = "org.jetbrains.kotlinx", name = "kotlinx-serialization-json", version.ref = "serializationJson" }
kage = { group = "com.github.android-password-store", name = "kage", version.ref = "kage" }
junit = { group = "junit", name = "junit", version.ref = "junit" }
[plugins]