|License:||Apache License, Version 2.0|
|Mailing lists:||aerogear-users (subscribe)|
AeroGear Crypto Java
A Java API to provide an easy way to use cryptography interfaces for developers built on top of javax.crypto and Bouncy Castle to support: AES-GCM authenticated encryption, password based key derivation and elliptic curve cryptography.
The Android platform unfortunately ships an incomplete and outdated version of Bouncy Castle for Android which also makes hard to install an updated version of the library. That said, we had to stick with Spongy Castle, a version of Bouncy Castle repackaged to make it work on Android.
<dependency> <groupId>org.jboss.aerogear</groupId> <artifactId>aerogear-crypto</artifactId> <version>0.1.3</version> <classifier>android</classifier> </dependency>
Regular Java projects
For regular Java EE and Java SE projects, Bouncy Castle will be supported and there is no need to workaround it.
<dependency> <groupId>org.jboss.aerogear</groupId> <artifactId>aerogear-crypto</artifactId> <version>0.1.3</version> </dependency> <dependency> <groupId>bouncycastle</groupId> <artifactId>bcprov-jdk16</artifactId> <version>140</version> </dependency>
AeroGear Crypto does not reinvent the wheel by writing encryption algorithms or creating protocols, we still have some sanity. The major goal of this project is to provide simple API interfaces for uber complicated parameters, so let's get started.
Password based key derivation
Pbkdf2 pbkdf2 = AeroGearCrypto.pbkdf2(); byte rawKey = pbkdf2.encrypt("passphrase");
//Generate the key Pbkdf2 pbkdf2 = AeroGearCrypto.pbkdf2(); byte privateKey = pbkdf2.encrypt("passphrase"); //Initializes the crypto box CryptoBox cryptoBox = new CryptoBox(privateKey); //Encryption byte IV = new Random().randomBytes(); byte ciphertext = cryptoBox.encrypt(IV, "My bonnie lies over the ocean"); //Decryption CryptoBox pandora = new CryptoBox(privateKey); byte message = pandora.decrypt(IV, ciphertext);
//Create a new key pair KeyPair keyPairBob = new KeyPair(); KeyPair keyPairAlice = new KeyPair(); //Initializes the crypto box CryptoBox cryptoBox = new CryptoBox(keyPairBob.getPrivateKey(), keyPairAlice.getPublicKey()); byte IV = new Random().randomBytes(); byte ciphertext = cryptoBox.encrypt(IV, "My bonnie lies over the ocean"); //Is possible to use the same crypto box instance, but won't happen in real life CryptoBox pandora = new CryptoBox(keyPairAlice.getPrivateKey(), keyPairBob.getPublicKey()); byte message = pandora.decrypt(IV, ciphertext);
We are big believers that there is too much to improve, for this reason you are more than welcome to file a JIRA if you find any issue or discuss the improvements on the mailing list. Security is not an island and it is our responsibility like developers to make it better.
For more details about the current release, please consult our documentation.
If you would like to help develop AeroGear you can join our developer's mailing list, join #aerogear on Freenode, or shout at us on Twitter @aerogears.
Also takes some time and skim the contributor guide
Join our user mailing list for any questions or help! We really hope you enjoy app development with AeroGear!
Found a bug?
If you found a bug please create a ticket for us on Jira with some steps to reproduce it.