lockdown-core

APIs for storing and reading encrypted credentials

GroupId: org.starchartlabs.lockdown
ArtifactId: lockdown-core
Last Version: 2.0.0
Type: jar
Description: APIs for storing and reading encrypted credentials
Project URL: https://github.com/StarChart-Labs/lockdown
Source Code Management: https://github.com/StarChart-Labs/lockdown

How to add to project

Maven:

<!-- https://jarcasting.com/artifacts/org.starchartlabs.lockdown/lockdown-core/ -->
<dependency>
    <groupId>org.starchartlabs.lockdown</groupId>
    <artifactId>lockdown-core</artifactId>
    <version>2.0.0</version>
</dependency>

Gradle (Groovy DSL):

// https://jarcasting.com/artifacts/org.starchartlabs.lockdown/lockdown-core/
implementation 'org.starchartlabs.lockdown:lockdown-core:2.0.0'

Gradle (Kotlin DSL):

// https://jarcasting.com/artifacts/org.starchartlabs.lockdown/lockdown-core/
implementation ("org.starchartlabs.lockdown:lockdown-core:2.0.0")

Buildr:

'org.starchartlabs.lockdown:lockdown-core:jar:2.0.0'

Ivy:

<dependency org="org.starchartlabs.lockdown" name="lockdown-core" rev="2.0.0">
  <artifact name="lockdown-core" type="jar" />
</dependency>

Grape:

@Grapes(
@Grab(group='org.starchartlabs.lockdown', module='lockdown-core', version='2.0.0')
)

SBT:

libraryDependencies += "org.starchartlabs.lockdown" % "lockdown-core" % "2.0.0"

Leiningen:

[org.starchartlabs.lockdown/lockdown-core "2.0.0"]

Dependencies

compile (3)

Group / Artifact                    Type   Version
com.google.code.findbugs : jsr305   jar    3.0.1
org.bouncycastle : bcpg-jdk15on     jar    1.56
org.slf4j : slf4j-api               jar    1.7.21

Project Modules

There are no modules declared in this project.

Lockdown

NOTE: Lockdown has been archived - we have changed basic assumptions/patterns around handling credentials. If you wish to see this project continued, please contact us at [email protected]

When you simply can't avoid storing basic credentials

Usually, when storing credentials, one-way encryption is used to protect sensitive information. However, some systems require access to a set of clear-text credentials for authentication.

Lockdown is intended for those cases, where the need for clear-text credentials cannot be eliminated from an application. It applies a thin convenience layer on top of the established Bouncy Castle encryption libraries, which allows simpler use of the RSA public/private key encryption pattern.

Contributing

Information for how to contribute to Lockdown can be found in the contribution guidelines

Legal

Lockdown is distributed under the MIT License. There are no requirements for using it in your own project (a line in a NOTICES file is appreciated but not necessary for use).

The requirement that a copy of the license be included in distributions is fulfilled by the copy of the LICENSE file included in constructed JAR archives.

Reporting Vulnerabilities

If you discover a security vulnerability, contact the development team by e-mail at [email protected]

Migrating Between Major Versions

Details for migrating across major versions of Lockdown may be found in MIGRATION.md

Projects

lockdown-core

Lockdown Core is where the central key generation and encryption/decryption APIs are defined. This library is intended for use within applications consuming lockdown, and allows access to credential storage files.

Usage information can be found in lockdown-core's README

lockdown-cli

Lockdown CLI is a command line tool for creating keys and adding credentials to credential store files.

Usage information can be found in lockdown-cli's README

lockdown-gradle-plugin

The Lockdown Gradle plug-in is intended for use in Gradle builds, to allow teams to easily expose the ability to add/update credentials in credential storage files without requiring all team members to install the Lockdown CLI.

Usage information can be found in lockdown-gradle-plugin's README

Generating Keys

Lockdown includes a key generator, which is most easily used via lockdown-cli. All generated keys are in PEM format (PKCS#1), which is currently the only format accepted by the library.

See more information on PEM keys/formats

Handling Key Files

When using public/private keys, there are two main things to keep in mind. Public keys are meant for encrypting data: they can be shared without significant risk, allowing anyone to encrypt data that only the holder of the private key can read. The private key is the "secret" in this pattern, and should be protected the same way a password would be.

Collaborators

Information for collaborators, including the release process, can be found in the collaborator documentation.

org.starchartlabs.lockdown

StarChart Labs

Making open source development, contribution, and collaboration easier - one tool, discussion, or pull request at a time

Versions

Version
2.0.0
1.0.0