Skip to content

yaziza/botanj

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

100 Commits
.github
.github
 
 
checkstyle
checkstyle
 
 
src
src
 
 
.gitignore
.gitignore
 
 
CAPABILITIES.md
CAPABILITIES.md
 
 
README.md
README.md
 
 
SECURITY.md
SECURITY.md
 
 
licence.txt
licence.txt
 
 
pom.xml
pom.xml
 
 

Repository files navigation

Botanj - Java Security Provider (JSP)

⚠️ Caution:
The code within this repository is currently in its early beta phase and has not been officially released. We would strongly advise against using it for production purposes until it reaches a stable, release-ready state.

ubuntu-build Actions Status

macos-build Actions Status

codeql-analysis Actions Status

coverage

branch coverage

Index

  1. Introduction
  2. Building The Library
  3. Supported Primitives
  4. Using Botan JSP

Introduction

Botanj is a Java Security Provider (JSP) , which uses Botan to implements parts of the Java Cryptography Extension (JCE). This implementation is compatible with other JSPs (e.g. Bouncy Castle), thus enabling a smooth migration.

Botanj uses JNR-FFI for loading Botan native code.

Building The Library

  • Install native Botan Library (tested with botan 2.{14/16}.0)
  • Install Apache Maven
  • Install Java 11+ (tested with openjdk 11)
  • Run tests: mvn test

Supported Primitives

Ciphers, hashes, MACs, and checksums

  • Authenticated cipher modes: EAX, OCB, GCM, SIV, CCM
  • Cipher modes: CBC, CTR, CFB, OFB
  • Block ciphers: AES, DES/3DES
  • Stream ciphers: (X)Salsa20, (X)ChaCha20
  • Hash functions: SHA-1, SHA-2, SHA-3, MD4, MD5, RIPEMD-160, BLAKE2b
  • Message Authentication codes: HMAC, CMAC, Poly1305, SipHash

Public Key Cryptography

  • Not yet supported

Public Key Infrastructure

  • Not yes supported

Transport Layer Security (TLS) Protocol (JSSE)

  • Not yet supported

Using Botanj

  • An example describing the procedure to compute a MessageDigest object:
final MessageDigest digest = MessageDigest.getInstance("blake2b-512", BotanProvider.NAME);
final byte[] output = digest.digest("hello world".getBytes());
  • An example describing the procedure to compute a MAC object:
final SecretKeySpec key = new SecretKeySpec(key, "HMAC-SHA512");
final Mac mac = Mac.getInstance("HMAC-SHA512", BotanProvider.NAME);
mac.init(key);
final byte[] output = mac.doFinal("hello world".getBytes());
  • An example describing the procedure to encrypt using AES-256/GCM:
final Cipher cipher = Cipher.getInstance("AES-256/GCM/NoPadding", BotanProvider.NAME);
// Never reuse the IV with the same key
cipher.init(Cipher.ENCRYPT_MODE, key, iv);
cipher.updateAAD(aad);
final byte[] output = cipher.doFinal("hello world".getBytes());
  • An example describing the procedure to encrypt using AES-256/CBC/PKCS7:
final Cipher cipher = Cipher.getInstance("AES-256/CBC/PKCS7", BotanProvider.NAME);
cipher.init(Cipher.ENCRYPT_MODE, key, iv);
final byte[] output = cipher.doFinal("hello world".getBytes());
  • An example describing the procedure to encrypt using ChaCha20:
final Cipher cipher = Cipher.getInstance("ChaCha20/None/NoPadding", BotanProvider.NAME);
// Never reuse the IV with the same key
cipher.init(Cipher.ENCRYPT_MODE, key, iv);
final byte[] output = cipher.doFinal("hello world".getBytes());

About

Botan Java Security Provider implementation

botan.randombit.net/

Topics

java security cryptography jsp provider jca jce

Resources

Readme

License

MIT license

Security policy

Security policy
Activity

Stars

10 stars

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages