Java support

[tarcieri]

Java is a widely-used programming language. It would be great if Miscreant supported it.

[cbarcenas]

Is it better to have FFI bindings to e.g. the existing Rust implementation, or to have a Java-native implementation?

[tarcieri]

I am planning on supporting both options in the other implementations. That said I would be fine with either as a start.

The Rust implementation provides better performance and security but requires you compile a Rust library, which adds friction (and is why the other implementations sacrifice performance and security for ease-of-installation/use)

[cbarcenas]

Cool. I am now working on a Java-native implementation for Java 8 and above. I hope to have a PR up sometime next week.

Cryptography implementations in Java are typically packaged as JCA Providers, which are basically pluggable crypto modules that are registered with the JVM and provide crypto functionality via a standard API. Any code running in the JVM can instantiate a particular encryption algorithm with the JCA API using, for example, Cipher.getInstance("AES/SIV/NoPadding").

One quirk of this design is that some Java implementations (including Oracle's and IBM's) require the provider JAR to be signed by a certificate issued by Oracle. More info here.

I think this is done for compliance reasons, and is only required for some JVMs. JAR signing seems to be standard practice for Java cryptography providers; for example, it's done by the popular Bouncy Castle library (see here under "Important Notes").

Anyways, since the cert issuance process is free, I've opened a ticket with Oracle in order to get a personal signing certificate so that I can sign the initial Java implementation release, and I recommend that you do the same so that you can do future releases yourself if you want.

[tarcieri]

Awesome! Are you interested in contributing it upstream to this repository?

[cbarcenas]

The code, yes, but I don't think I can share the signing key. :)

[tarcieri]

Haha, that's ok 😉

[tarcieri]

This looks like a decent starting point, and is also MIT licensed:

https://github.com/cryptomator/siv-mode

[tarcieri]

@cbarcenas are you working on this? If not I might fork the "siv-mode" project

[cbarcenas]

Hey! Yes, still working on this, but progress is much slower than anticipated due to work+life stuff.

Not sure if that siv-mode package is the way forward here as it depends on third-party code (Bouncy Castle).

[brianm]

I'd strongly consider having a non-JCA based implementation for Java. JCA/JCE beg for misuse in general, and providing a smaller API surface area to encourage correct use would be a win.