________________________________________
\__ ___/ _____/\_ _____/\_ ___ \
| | \_____ \ | __)_ / \ \/
| | / \ | \\ \____
|____| /_______ //_______ / \______ /
\/ \/ \/
TSEC: A type-safe, functional, general purpose security and cryptography library.
Latest Release: 0.0.1-M9
For the current progress, please refer to the RoadMap
For version changes and additions, including breaking changes, see either release notes or the Version Changes page.
Note on milestones:
Our Notation for versions is:
X.X.X
^ ^ ^____Minor
| |______Major
|________Complete redesign (i.e scalaz 7 vs 8)
All x.x.x-Mx
releases are milestone releases. Thus, we do not guarantee binary compatibility or no api-breakage until
a concrete version(i.e 0.0.1
). We aim to keep userland-apis relatively stable, but
internals shift as we find better/more performant abstractions.
We will guarantee compatibility between minor versions (i.e 0.0.1 => 0.0.2) but not major versions (0.0.1 => 0.1.0)
0.0.1-M9 is here for scala 2.12+ and Cats 1.0.1!
To get started, if you are on sbt 0.13.16+, add
resolvers += "jmcardon at bintray" at "https://dl.bintray.com/jmcardon/tsec"
or (with the sbt-bintray plugin)
resolvers += Resolver.bintrayRepo("jmcardon", "tsec")
Name | Description | Examples |
---|---|---|
tsec-common | Common crypto utilities | |
tsec-password | Password hashers: BCrypt and Scrypt | here |
tsec-symmetric-cipher | Symmetric encryption utilities! | here |
tsec-mac | Message Authentication | here |
tsec-signatures | Digital signatures | here |
tsec-md | Message Digests (Hashing) | here |
tsec-jwt-mac | JWT implementation for Message Authentication signatures | here |
tsec-jwt-sig | JWT implementation for Digital signatures | here |
tsec-http4s | Http4s Request Authentication and Authorization | here |
To include any of these packages in your project use:
val tsecV = "0.0.1-M9"
libraryDependencies ++= Seq(
"io.github.jmcardon" %% "tsec-common" % tsecV,
"io.github.jmcardon" %% "tsec-password" % tsecV,
"io.github.jmcardon" %% "tsec-symmetric-cipher" % tsecV,
"io.github.jmcardon" %% "tsec-mac" % tsecV,
"io.github.jmcardon" %% "tsec-signatures" % tsecV,
"io.github.jmcardon" %% "tsec-md" % tsecV,
"io.github.jmcardon" %% "tsec-jwt-mac" % tsecV,
"io.github.jmcardon" %% "tsec-jwt-sig" % tsecV,
"io.github.jmcardon" %% "tsec-http4s" % tsecV
)
IMPORTANT NOTE: About higher than 128-bit encryption key sizes on the JCA!
This applies to you if you are using any AES algorithms with higher than 128-bit key sizes
For 256-bit key sizes, you will have to install the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy
You can get it at: http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html
You can refer to: https://stackoverflow.com/questions/41580489/how-to-install-unlimited-strength-jurisdiction-policy-files
Alternatively, if you are using a package manager like aptitude and have the java8 repositories on your machine, you can install oracle-java8-unlimited-jce-policy
For debian-like distros: Follow the instructions here then use:
sudo apt-get install oracle-java8-unlimited-jce-policy
A note on logging
We use log4s
which is a logging facade over SLF4J. This implies you need to add a
binding to your classpath. Check https://www.slf4j.org/codes.html#StaticLoggerBinder
Big Thank you to our contributors (direct or indirect):
Robert Soeldner (Contributor/Maintainer)
Christopher Davenport(Contributor/Maintainer)
Harrison Houghton(Contributor/Maintainer)
Bjørn Madsen (Contributor)
André Rouél(Contributor)
Edmund Noble (For the dank tagless)
Fabio Labella (For the great FP help)
Will Sargent (Security Discussions)