Project Brisbane delivers a Java Cryptographic Service Provider (CSP) for Java's JCA framework, enabling Java applications to use FIPS-validated cryptography in regulated environments. Internally, the CSP delegates cryptographic operations to the OpenSSL FIPS provider. The OpenSSL FIPS Provider, in turn, uses a cryptographic module that conforms to the Federal Information Processing Standard (FIPS) requirements specified in FIPS 140-3.
In short, Brisbane bridges Java's standard cryptography interfaces and FIPS-regulated deployment requirements, making it easier to build and run Java systems that must meet government and industry security mandates while continuing to use familiar JCA patterns.
Project Brisbane is an open source project, released under the Universal Permissive License (UPL), Version 1.0. Contributions are welcome - please help improve the project, port it to additional platforms or devices, and reuse or modify the code as permitted by the license.
Brisbane is a project under the charter of the OpenJDK. The OpenJDK Bylaws and License govern our work. The Brisbane project membership can be found on the OpenJDK Census. We welcome patches and involvement from individual contributors or companies. If this is your first time contributing to an OpenJDK project, you will need to review the rules on becoming a Contributor, and sign the Oracle Contributor Agreement (OCA).
If you are reporting a possible security vulnerability, DO NOT use the issue tracking system documented below. Please follow the process outlined in the OpenJDK Vulnerability Policy.
If you think you have found a bug, first make sure that you are testing against the latest version - your issue may already have been fixed. If not, search our issues list in case a similar issue has already been opened.
For instructions on building and testing the project, see doc/build-and-test.md.
Please read CONTRIBUTING.md for details on our code of conduct, and the process for submitting pull requests to us.
- Build and test the project: see doc/build-and-test.md
- Integrate the security provider in an application: see doc/usage.md
- Configuring the security provider through Java System Properties: see doc/configuration.md