{"id":37019371,"url":"https://github.com/henricook/cryptoutils","last_synced_at":"2026-01-14T02:08:46.240Z","repository":{"id":57724931,"uuid":"208049264","full_name":"henricook/cryptoutils","owner":"henricook","description":"Scala wrappers for JCA/BouncyCastle (Fork for scala 2.13 from Karasiq original)","archived":false,"fork":true,"pushed_at":"2024-04-09T15:29:55.000Z","size":114,"stargazers_count":6,"open_issues_count":9,"forks_count":1,"subscribers_count":2,"default_branch":"master","last_synced_at":"2024-04-24T12:13:56.348Z","etag":null,"topics":["bouncycastle","certificates","scala","ssl","tls"],"latest_commit_sha":null,"homepage":"","language":"Scala","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":"Karasiq/cryptoutils","license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/henricook.png","metadata":{"files":{"readme":"README.MD","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2019-09-12T12:45:23.000Z","updated_at":"2023-09-23T20:24:31.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/henricook/cryptoutils","commit_stats":null,"previous_names":[],"tags_count":8,"template":false,"template_full_name":null,"purl":"pkg:github/henricook/cryptoutils","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/henricook%2Fcryptoutils","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/henricook%2Fcryptoutils/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/henricook%2Fcryptoutils/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/henricook%2Fcryptoutils/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/henricook","download_url":"https://codeload.github.com/henricook/cryptoutils/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/henricook%2Fcryptoutils/sbom","scorecard":{"id":461416,"data":{"date":"2025-08-11","repo":{"name":"github.com/henricook/cryptoutils","commit":"42300ed4cb44f40aa7052be5d7c87059735919e1"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3,"checks":[{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"SAST","score":0,"reason":"no SAST tool detected","details":["Warn: no pull requests merged into dev branch"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Code-Review","score":0,"reason":"Found 0/30 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Vulnerabilities","score":10,"reason":"0 existing vulnerabilities detected","details":null,"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}}]},"last_synced_at":"2025-08-19T11:13:19.920Z","repository_id":57724931,"created_at":"2025-08-19T11:13:19.920Z","updated_at":"2025-08-19T11:13:19.920Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28408711,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-14T01:52:23.358Z","status":"online","status_checked_at":"2026-01-14T02:00:06.678Z","response_time":107,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["bouncycastle","certificates","scala","ssl","tls"],"created_at":"2026-01-14T02:08:45.591Z","updated_at":"2026-01-14T02:08:46.230Z","avatar_url":"https://github.com/henricook.png","language":"Scala","funding_links":[],"categories":[],"sub_categories":[],"readme":"# cryptoutils [![Build Status](https://travis-ci.org/henricook/cryptoutils.svg?branch=master)](https://travis-ci.org/henricook/cryptoutils) [![Maven Central](https://maven-badges.herokuapp.com/maven-central/com.henricook/cryptoutils_2.13/badge.svg)](https://maven-badges.herokuapp.com/maven-central/com.henricook/cryptoutils_2.13)\nScala wrappers for JCA/BouncyCastle classes  \n\nFork of karasiq/cryptoutils to add Scala 2.13 and Scala 3 support \n\n# How to use\nAdd to `build.sbt`:\n```scala\nlibraryDependencies ++= Seq(\n  \"org.bouncycastle\" % \"bcprov-jdk15on\" % \"1.58\",\n  \"org.bouncycastle\" % \"bcpkix-jdk15on\" % \"1.58\",\n  \"com.henricook\" %% \"cryptoutils\" % \"1.5.3\"\n)\n```\n\n# Managing key pairs and certificates\n## Generating X.509 certificate\n```scala\nval keyGenerator = CertificateGenerator()\n\n// Self-signed CA certificate\nval caSubject = X509Utils.subject(\"Example Root CA\", \"US\", \"California\", \"San Francisco\", \"Example\", \"Example Root CA\", \"ca@example.com\")\nval ca: TLS.CertificateKey = keyGenerator.generate(caSubject, \"RSA\", 2048, extensions = CertExtension.certificationAuthorityExtensions()) \nprintln(s\"Self-signed: ${ca.certificate.getSubject}\")\n\n// CA-signed certificate\nval subject = X509Utils.subject(\"Example Subject\", \"US\", \"California\", \"San Francisco\", \"Example\", \"Example\", \"example@example.com\")\nval cert: TLS.CertificateKey = keyGenerator.generate(subject, \"RSA\", 2048, Some(ca), BigInt(1))\nprintln(s\"CA signed: ${cert.certificate.getSubject}\")\n```\n\n## X.509 certification request\n```scala\nval keyGenerator = CertificateGenerator()\n\nval subject = X509Utils.subject(\"Example Subject\", \"US\", \"California\", \"San Francisco\", \"Example\", \"Example\", \"example@example.com\")\nval keyPair: java.security.KeyPair = ??? // Generate/load key pair\n\n// Creating request\nval request = keyGenerator.createRequest(keyPair, subject)\n\n// Signing request\nval ca: TLS.CertificateKey = ... // Certification authority certificate and private key\nval cert: TLS.CertificateChain = keyGenerator.signRequest(request, ca) // Resulting certificate chain\n```\n\n## Verifying X.509 certificate\n```scala\nval verifier = CertificateVerifier(CertificateStatusProvider.CRL, ca.certificate) // Or from java trust store: CertificateVerifier.fromTrustStore(TrustStore.fromFile(\"example-trust.jks\"), CertificateStatusProvider.CRL)\nif (verifier.isChainValid(cert.certificateChain)) {\n  println(s\"Verified: ${cert.getSubject}\")\n}\n```\n\n## Using PEM files\n```scala\nval certificationAuthority = PEM.certificate.fromFile(\"ca.crt\")\nval myCertificate = PEM.certificate.fromFile(\"mycert.crt\")\nval keyPair = PEM.keyPair.fromFile(\"mykey.key\")\n\nval certKey = TLS.CertificateKey(new TLS.CertificateChain(Array(myCertificate, certificationAuthority)), keyPair)\n```\n\n## Using Java Key Store\n```scala\n// Open key store\nval keyStore = TLSKeyStore.open(\"example.jks\", \"123456\")\n\n// Reading key\nval (key, chain) = (keyStore.getKey(\"example\"), keyStore.getCertificateChain(\"example\"))\n\n// Reading key set\nval keySet: TLS.KeySet = keyStore.getKeySet(\"example\")\n\n// Adding new key\nval newKey: TLS.CertificateKey = ??? // Generate key and certificate (see above)\nkeyStore.putKey(\"example-new\", newKey)\n\n// Saving to file\nkeyStore.saveAs(\"example.jks\")\n```\n\n# Using TLS (transport layer security)\n## TLS client\n```scala\nval verifier: CertificateVerifier = ??? // Certificate verifier\nval clientKeySet: TLS.KeySet = ??? // Client authorization\nval address = new InetSocketAddress(\"example.com\", 443) // Server address\n\n// Opening connection:\nval clientWrapper = new TLSClientWrapper(verifier, address, clientKeySet)\nval socket = clientWrapper(SocketChannel.open(address))\n// ... Do read/write, etc ...\nsocket.close()\n```\n\n## TLS server\n```scala              \nval verifier: CertificateVerifier = ... // Client certificate verifier\nval serverKeySet: TLS.KeySet = keyStore.getKeySet(\"example-server\") // Server certificate is required\n\n// Accepting connection\nval serverWrapper = new TLSServerWrapper(serverKeySet, clientAuth = true, verifier)\nval serverSocket = ServerSocketChannel.open()\nserverSocket.bind(new InetSocketAddress(\"0.0.0.0\", 443))\n\nval socket = serverWrapper(serverSocket.accept())\n// ... Do read/write, etc ...\nsocket.close()\n```","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhenricook%2Fcryptoutils","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fhenricook%2Fcryptoutils","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fhenricook%2Fcryptoutils/lists"}