Skip to content
Go to file

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time

Build Status License Maven Central

Project Info
License: Apache License, Version 2.0
Build: Maven
Issue tracker:
Mailing lists: aerogear-users (subscribe)
aerogear-dev (subscribe)

AeroGear Crypto Java

A Java API to provide an easy way to use cryptography interfaces for developers built on top of javax.crypto and Bouncy Castle to support: AES-GCM authenticated encryption, password based key derivation and elliptic curve cryptography.




The Android platform unfortunately ships an incomplete and outdated version of Bouncy Castle for Android which also makes hard to install an updated version of the library. That said, we had to stick with Spongy Castle, a version of Bouncy Castle repackaged to make it work on Android.


Regular Java projects

For regular Java EE and Java SE projects, Bouncy Castle will be supported and there is no need to workaround it.



Getting started

AeroGear Crypto does not reinvent the wheel by writing encryption algorithms or creating protocols, we still have some sanity. The major goal of this project is to provide simple API interfaces for uber complicated parameters, so let's get started.

Password based key derivation

Pbkdf2 pbkdf2 = AeroGearCrypto.pbkdf2();
byte[] rawKey = pbkdf2.encrypt("passphrase");

Symmetric encryption

//Generate the key
Pbkdf2 pbkdf2 = AeroGearCrypto.pbkdf2();
byte[] privateKey = pbkdf2.encrypt("passphrase");

//Initializes the crypto box
CryptoBox cryptoBox = new CryptoBox(privateKey);

byte[] IV = new Random().randomBytes();
byte[] ciphertext = cryptoBox.encrypt(IV, "My bonnie lies over the ocean");

CryptoBox pandora = new CryptoBox(privateKey);
byte[] message = pandora.decrypt(IV, ciphertext);

Asymmetric encryption

//Create a new key pair
KeyPair keyPairBob = new KeyPair();
KeyPair keyPairAlice = new KeyPair();

//Initializes the crypto box
CryptoBox cryptoBox = new CryptoBox(keyPairBob.getPrivateKey(), keyPairAlice.getPublicKey());

byte[] IV = new Random().randomBytes();
byte[] ciphertext = cryptoBox.encrypt(IV, "My bonnie lies over the ocean");

//Is possible to use the same crypto box instance, but won't happen in real life
CryptoBox pandora = new CryptoBox(keyPairAlice.getPrivateKey(), keyPairBob.getPublicKey());
byte[] message = pandora.decrypt(IV, ciphertext);

We are big believers that there is too much to improve, for this reason you are more than welcome to file a JIRA if you find any issue or discuss the improvements on the mailing list. Security is not an island and it is our responsibility like developers to make it better.


For more details about the current release, please consult our documentation.


If you would like to help develop AeroGear you can join our developer's mailing list, join #aerogear on Freenode, or shout at us on Twitter @aerogears.

Also takes some time and skim the contributor guide


Join our user mailing list for any questions or help! We really hope you enjoy app development with AeroGear!

Found a bug?

If you found a bug please create a ticket for us on Jira with some steps to reproduce it.


No description, website, or topics provided.




No packages published


You can’t perform that action at this time.