cryptolib

2.2.2

Star
Cryptomator Crypto Library
cryptomator/cryptolib

What's New

2.2.2

2026-01-30T15:19:15Z

Changelog

For a list of all notable changes, read the changelog.

Maven Coordinates

  <dependency>
    <groupId>org.cryptomator</groupId>
    <artifactId>cryptolib</artifactId>
    <version>2.2.2</version>
  </dependency>

Artifact Checksums

54dd907ec3166db202a436ff3a056655964c2181acf3d231f99b4b02255d0934  target/cryptolib-2.2.2-javadoc.jar
2c276d14b2f25a2011d0efaae25cce789882fc10883fd95695c2de4ab60c5177  target/cryptolib-2.2.2-sources.jar
8deac22a954c2058d5ad325168b73c1b4d245eeba178e70b2b78a3947f37188f  target/cryptolib-2.2.2.jar
84e32b82b440b83778989cdfed25ccb11cf2917a2c6aae51c7550d3b91cabafb  target/original-cryptolib-2.2.2.jar

What's Changed

  • Bump the maven-build-plugins group across 1 directory with 3 updates by @dependabot[bot] in #89
  • [skip ci] bump dependency-check-workflow to version 3 by @infeo in #95
  • Bump the maven-build-plugins group across 1 directory with 11 updates by @dependabot[bot] in #98
  • Update dependabot config by @infeo in #100
  • Add maven wrapper to project by @infeo in #103
  • Refactor CI by @infeo in #104
  • Feature: Locally reproducible builds by @infeo in #108
  • Bump the github-actions group across 1 directory with 5 updates by @dependabot[bot] in #105
  • Bump the maven-build-plugins group across 1 directory with 3 updates by @dependabot[bot] in #109
  • Bump org.junit.jupiter:junit-jupiter from 5.12.0 to 6.0.2 in the java-test-dependencies group across 1 directory by @dependabot[bot] in #110
  • Bump the java-production-dependencies group across 1 directory with 3 updates by @dependabot[bot] in #101

Full Changelog: 2.2.1...2.2.2

Build Quality Gate Status Coverage Vulnerabilities Maven Central Javadocs

Cryptomator Crypto Library

This library contains all cryptographic functions that are used by Cryptomator. The purpose of this project is to provide a separate light-weight library with its own release cycle that can be used in other projects, too.

Audits

Finding Comment
1u1-22-001 The now revoked GPG key has been used exclusively for the Maven repositories, was designed for signing only and was protected by a 30-character generated password (alphabet size: 96 chars). It was iterated and salted (SHA1 with 20971520 iterations), making even offline attacks very unattractive. Apart from that, this finding has no influence on the Tresor apps1. This was not known to Cure53 at the time of reporting.
1u1-22-002 This issue is related to siv-mode.

License

This project is dual-licensed under the AGPLv3 for FOSS projects as well as a commercial license derived from the LGPL for independent software vendors and resellers. If you want to use this library in applications that are not licensed under the AGPL, feel free to contact our sales team.

1 The Cure53 pentesting was performed during the development of the apps for 1&1 Mail & Media GmbH.

Description

  • Swift Tools
View More Packages from this Author

Dependencies

  • None
Last updated: Thu Jun 11 2026 17:18:08 GMT-0900 (Hawaii-Aleutian Daylight Time)