WolfSSL
/
wolfcrypt-jni
mirror of https://github.com/wolfSSL/wolfcrypt-jni.git
1
0
Fork 0
Code Issues Releases Wiki Activity
wolfCrypt JNI wrapper and JCE provider
200 Commits
1 Branch
9 Tags
6.2 MiB
Java 80.1%
C 18.6%
CMake 1.1%
Shell 0.2%
 
 
 
 
Go to file
JacobBarthelmeh b1866b3577 Merge pull request #1 from cconlon/master 
Prep for wolfCrypt JNI 1.0.0 release
 		2017-07-12 09:12:44 -06:00
jni JNI: return JNI_FALSE on exception in RsaSetRNG 2017-05-03 17:34:51 -06:00
src JCE: code review fixes, cleanup 2017-06-15 11:47:56 -06:00
.gitignore add .gitignore 2017-07-06 11:42:33 -06:00
AUTHORS move wolfcrypt-jni back into directory of same name 2015-04-01 14:56:40 -06:00
COPYING move wolfcrypt-jni back into directory of same name 2015-04-01 14:56:40 -06:00
LICENSING move wolfcrypt-jni back into directory of same name 2015-04-01 14:56:40 -06:00
README.md update README for 1.0.0 release 2017-07-10 15:08:08 -06:00
README_JCE.md update README for 1.0.0 release 2017-07-10 15:08:08 -06:00
build.xml add title, vendor, version info to JAR manifest 2017-07-06 11:42:23 -06:00
makefile JNI/JCE: create lib dir during make if needed 2017-06-23 09:55:31 -06:00
makefile.linux JNI/JCE: create lib dir during make if needed 2017-06-23 09:55:31 -06:00
makefile.macosx JNI/JCE: create lib dir during make if needed 2017-06-23 09:55:31 -06:00

README.md

wolfCrypt JNI

This package provides a Java, JNI-based interface to the native wolfCrypt (and wolfCrypt FIPS API, if using with a FIPS version of wolfCrypt). It also includes a JCE provider for wolfCrypt.

For instructions and notes on the JNI wrapper, please referene this README, or online documentation.

For instructinos and notes on the JCE provider, please reference the README_JCE file, or online instructions.

Compiling

To compile the wolfCrypt JNI wrapper:

  1. Compile and install a wolfSSL (wolfssl-x.x.x) or wolfSSL FIPS release (wolfssl-x.x.x-commercial-fips):

In either case, you will need the "--enable-keygen" ./configure option.

wolfSSL Standard Build:

$ cd wolfssl-x.x.x
$ ./configure --enable-keygen
$ make check
$ sudo make install

wolfSSL FIPS Build:

$ cd wolfssl-x.x.x-commercial-fips
$ ./configure --enable-fips --enable-keygen
$ make check
$ sudo make install
  1. Compile the native wolfCrypt JNI object files:
$ cd wolfcrypt-jni
$ make
  1. Compile the wolfCrypt JNI Java sources files, from the wolfcrypt-jni directory:
$ ant (shows possible build targets)
$ ant <build-jni-debug|build-jni-release|build-jce-debug|build-jce-release>

In order for the JUnit tests to be run correctly when executing "ant test", please follow these steps (for Linux/Mac):

Running "ant test" will execute JUnit tests included in this package. These tests require JUnit to be available on your system and for the correct JAR files to be on your JUNIT_HOME path.

To install and set up JUnit:

a) Download "junit-4.12.jar" and "hamcrest-core-1.3.jar" from junit.org

b) Place these JAR files on your system and set JUNIT_HOME to point to that location:

$ export JUNIT_HOME=/path/to/jar/files

The JUnit tests can then be run with:

$ ant test

API Javadocs

After the "ant" command has been executed, this will generate a set of Javadocs under the wolfcrypt-jni/docs directory. To view the root document, open the following file in a web browser:

wolfcrypt-jni/docs/index.html

Example / Test Code

The JUnit test code can act as a good usage example of the wolfCrypt JNI API. This test code is run automatically when "ant test" is executed from the root wolfcrypt-jni directory. The test source code is located at:

wolfcrypt-jni/src/test/com/wolfssl/wolfcrypt

JAR Code Signing

The wolfcrypt-jni.jar can be code signed by placing a "codeSigning.properties" file in the "wolfcrypt-jni" root directory. The ant build script (build.xml) will detect the prescense of this properties file and use the provided information to sign the generated JAR file.

"codeSigning.properties" should have the following properties set:

sign.alias=<signing alias in keystore>
sign.keystore=<path to signing keystore>
sign.storepass=<keystore password>
sign.tsaurl=<timestamp server url>

Signing the JAR is important especially if using the JCE Provider with a JDK that requires JCE provider JAR's to be authenticated. Please see README_JCE for more details.

Revision History

********* wolfCrypt JNI Release 1.0.0 (7/10/2017)

Release 1.0.0 of wolfCrypt JNI has bug fixes and new features including:

  • Bug fixes to JCE classes: Cipher, KeyAgreement (DH), Signature
  • JCE debug logging with wolfjce.debug system property
  • Additional unit tests for JCE provider
  • Conditional ant build for JNI and/or JCE
  • New ant targets with choice of debug or release builds

********* wolfCrypt JNI Release 0.3 BETA

Release 0.3 BETA of wolfCrypt JNI includes:

  • Support for ECC and DH key generation
  • Bug fixes regarding key import/export
  • Better argument sanitization at JNI level

********* wolfCrypt JNI Release 0.2 BETA

Release 0.2 BETA of wolfCrypt JNI includes:

  • Support for Android
  • Support for Oracle JDK/JVM
  • Support for code signing wolfcrypt-jni.jar file
  • Compatibility with non-FIPS wolfSSL and wolfCrypt builds
  • Bug fixes regarding releasing native resources
  • Test package changed to (com.wolfssl.provider.jce.test)

********* wolfCrypt JNI Release 0.1 BETA

Release 0.1 BETA of wolfCrypt JNI includes:

  • Initial JCE package
  • Support for OpenJDK