/tsec

Type-safe general-cryptography library - https://jmcardon.github.io/tsec/

Primary LanguageScalaMIT LicenseMIT

________________________________________  
\__    ___/   _____/\_   _____/\_   ___ \ 
  |    |  \_____  \  |    __)_ /    \  \/ 
  |    |  /        \ |        \\     \____
  |____| /_______  //_______  / \______  /
                 \/         \/         \/ 

Join the chat at https://gitter.im/tsecc/Lobby Build Status Latest Version

Latest Release: 0.0.1-M11

For the current progress, please refer to the RoadMap

For version changes and additions, including breaking changes, see either release notes or the Version Changes page.

Note on milestones:

Our Notation for versions is:

X.X.X
^ ^ ^____Minor
| |______Major
|________Complete redesign (i.e scalaz 7 vs 8)  

All x.x.x-Mx releases are milestone releases. Thus, we do not guarantee binary compatibility or no api-breakage until a concrete version(i.e 0.0.1). We aim to keep userland-apis relatively stable, but internals shift as we find better/more performant abstractions.

We will guarantee compatibility between minor versions (i.e 0.0.1 => 0.0.2) but not major versions (0.0.1 => 0.1.0)

0.0.1-M11 is here for scala 2.12+ and Cats 1.0.1!

To get started, if you are on sbt 0.13.16+, add

Name Description Examples
tsec-common Common crypto utilities
tsec-password Password hashers: BCrypt and Scrypt here
tsec-cipher-jca Symmetric encryption utilities here
tsec-cipher-bouncy Symmetric encryption utilities here
tsec-mac Message Authentication here
tsec-signatures Digital signatures here
tsec-hash-jca Message Digests (Hashing) here
tsec-hash-bouncy Message Digests (Hashing) here
tsec-libsodium Nicely-typed Libsodium JNI bridge here
tsec-jwt-mac JWT implementation for Message Authentication signatures here
tsec-jwt-sig JWT implementation for Digital signatures here
tsec-http4s Http4s Request Authentication and Authorization here

To include any of these packages in your project use:

val tsecV = "0.0.1-M11"
 libraryDependencies ++= Seq(
 "io.github.jmcardon" %% "tsec-common" % tsecV,
 "io.github.jmcardon" %% "tsec-password" % tsecV,
 "io.github.jmcardon" %% "tsec-cipher-jca" % tsecV,
 "io.github.jmcardon" %% "tsec-cipher-bouncy" % tsecV,
 "io.github.jmcardon" %% "tsec-mac" % tsecV,
 "io.github.jmcardon" %% "tsec-signatures" % tsecV,
 "io.github.jmcardon" %% "tsec-hash-jca" % tsecV,
 "io.github.jmcardon" %% "tsec-hash-bouncy" % tsecV,
 "io.github.jmcardon" %% "tsec-libsodium" % tsecV,
 "io.github.jmcardon" %% "tsec-jwt-mac" % tsecV,
 "io.github.jmcardon" %% "tsec-jwt-sig" % tsecV,
 "io.github.jmcardon" %% "tsec-http4s" % tsecV
)

IMPORTANT NOTE: About higher than 128-bit encryption key sizes on the JCA!

This applies to you if you are using any AES algorithms with higher than 128-bit key sizes

For 256-bit key sizes, you will have to install the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy

You can get it at: http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html

You can refer to: https://stackoverflow.com/questions/41580489/how-to-install-unlimited-strength-jurisdiction-policy-files

Alternatively, if you are using a package manager like aptitude and have the java8 repositories on your machine, you can install oracle-java8-unlimited-jce-policy

For debian-like distros: Follow the instructions here then use:

sudo apt-get install oracle-java8-unlimited-jce-policy

A note on logging

We use log4s which is a logging facade over SLF4J. This implies you need to add a binding to your classpath. Check https://www.slf4j.org/codes.html#StaticLoggerBinder

Big Thank you to our contributors (direct or indirect):

Robert Soeldner (Contributor/Maintainer)

Christopher Davenport(Contributor/Maintainer)

Harrison Houghton(Contributor/Maintainer)

Bjørn Madsen (Contributor)

André Rouél(Contributor)

Edmund Noble (For the dank tagless)

Fabio Labella (For the great FP help)

Will Sargent (Security Discussions)