Effective Cryptography in the JVM (tersesystems.com)
71 points by pron on Oct 6, 2015 | hide | past | favorite | 10 comments


Google, please hire this person to rewrite the entire Keyczar documentation wiki. Keyczar might be great from a crypto point of view, but the lack of good documentation and binaries is probably a major reason why people ignore it and implement their own "dangerous" crypto using BouncyCastle.

While I'm making unreasonable and arbitrary demands, password-based encryption support in Keyczar would be great too, thanks.


How does Keyczar compare with the Bouncy Castle we JVM guys have been stuck with for years? Was it reviewed by credible cryptographers?


BouncyCastle is a low-level library, like OpenSSL. It's very hazardous to use in practice. It also gets less cryptographic scrutiny than OpenSSL does.

The point of this article is that you should use high-level libraries that supply high-level constructions you can use directly in your code, rather than primitives that you'll have to knit together into high-level constructions yourself.


Why is it hazardous to use in practice?


Because it won't stop you from doing any of this stuff and more.

https://www.nccgroup.trust/us/about-us/newsroom-and-events/b...


Keyczar is a wrapper around crypto primitive libraries. The .NET version is actually even based on Bouncy Castle. However, the big downside is that Keyczar is not maintained well. Pull requests sit for years, which is not good for a security-related framework.


I've always liked http://www.jasypt.org as a wrapper for low level cryptographic operations. But I don't know how it compares to Keyczar.


Is jasypt message encryption even authenticated?

http://svn.code.sf.net/p/jasypt/code/trunk/jasypt/src/main/j...
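An added example (not code from the article, from Keyczar, from jasypt, or from any other project in this thread) for the point above about using high-level constructions and for the question of whether encryption is authenticated: using only the standard JCE in Java 8, the unauthenticated AES-CBC primitive decrypts a tampered message without complaint, while AES-GCM, an authenticated construction, rejects it. The class name and the sample plaintext are my own.

```java
import javax.crypto.AEADBadTagException;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.IvParameterSpec;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;

// Hypothetical demo class; the plaintext is a constructed sample value.
public class AeadDemo {
    public static void main(String[] args) throws Exception {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        SecretKey key = kg.generateKey();
        SecureRandom rnd = new SecureRandom();
        byte[] plaintext = "transfer 10 to alice".getBytes(StandardCharsets.UTF_8);

        // 1. Unauthenticated primitive: AES in CBC mode with PKCS#5 padding.
        byte[] iv = new byte[16];
        rnd.nextBytes(iv);
        Cipher cbc = Cipher.getInstance("AES/CBC/PKCS5Padding");
        cbc.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(iv));
        byte[] cbcCt = cbc.doFinal(plaintext);
        // Corrupt the IV in transit: in CBC this flips the same bit of the
        // first plaintext block, and nothing in the decryption path notices.
        iv[9] ^= 0x08;
        cbc.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(iv));
        String cbcOut = new String(cbc.doFinal(cbcCt), StandardCharsets.UTF_8);
        System.out.println("CBC accepted the tampered message: " + cbcOut);

        // 2. Authenticated construction: AES-GCM with a 128-bit tag. The tag
        // covers the whole ciphertext, so any modification is rejected.
        byte[] nonce = new byte[12];
        rnd.nextBytes(nonce);
        Cipher gcm = Cipher.getInstance("AES/GCM/NoPadding");
        gcm.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(128, nonce));
        byte[] gcmCt = gcm.doFinal(plaintext);
        gcmCt[9] ^= 0x08;
        gcm.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(128, nonce));
        try {
            gcm.doFinal(gcmCt);
            System.out.println("GCM accepted the tampered message (should not happen)");
        } catch (AEADBadTagException e) {
            System.out.println("GCM rejected the tampered message: " + e.getMessage());
        }
    }
}
```

A high-level library such as Keyczar is meant to make the second path the only one available, so a caller cannot reach for the first by accident.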


Jasypt is unfortunately prone to inventing its own crypto. This in itself leads me not to trust it.

http://security.stackexchange.com/a/65240/6714


2015 and Google still cannot be bothered to put their stuff in Maven Central. It is as if they were actively trying to stop people from using their stuff.

