{"id":18309553,"url":"https://github.com/sfuhrm/openssl4j","last_synced_at":"2025-04-05T17:32:54.714Z","repository":{"id":57730926,"uuid":"274248446","full_name":"sfuhrm/openssl4j","owner":"sfuhrm","description":"High performance Java crypto binding to the native OpenSSL library","archived":false,"fork":false,"pushed_at":"2024-06-09T20:48:38.000Z","size":505,"stargazers_count":27,"open_issues_count":11,"forks_count":4,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-03-21T08:21:45.823Z","etag":null,"topics":["crypto","cryptography","fast","java","java-library","jni","md5","mmx","openssl","ripemd160","security","sha1","sha256","sha3","sm3","sse","whirlpool"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/sfuhrm.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":"AUTHORS","dei":null}},"created_at":"2020-06-22T21:43:47.000Z","updated_at":"2025-03-06T07:09:12.000Z","dependencies_parsed_at":"2023-10-13T08:14:56.866Z","dependency_job_id":"b78f7fac-4059-4c29-8f5e-bde62efe8d08","html_url":"https://github.com/sfuhrm/openssl4j","commit_stats":null,"previous_names":[],"tags_count":8,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sfuhrm%2Fopenssl4j","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sfuhrm%2Fopenssl4j/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sfuhrm%2Fopenssl4j/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sfuhrm%2Fopenssl4j/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/sfuhrm","download_url":"https://codeload.github.com/sfuhrm/openssl4j/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247375545,"owners_count":20929050,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["crypto","cryptography","fast","java","java-library","jni","md5","mmx","openssl","ripemd160","security","sha1","sha256","sha3","sm3","sse","whirlpool"],"created_at":"2024-11-05T16:11:47.649Z","updated_at":"2025-04-05T17:32:49.705Z","avatar_url":"https://github.com/sfuhrm.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"OpenSSL4J JNI Java Library\n===================\n\n[![Single-Platform Build](https://github.com/sfuhrm/openssl4j/actions/workflows/build-singleplatform.yml/badge.svg)](https://github.com/sfuhrm/openssl4j/actions/workflows/build-singleplatform.yml)\n[![Java Build](https://github.com/sfuhrm/openssl4j/actions/workflows/build-java.yml/badge.svg)](https://github.com/sfuhrm/openssl4j/actions/workflows/build-java.yml)\n[![Crossplatform Build](https://github.com/sfuhrm/openssl4j/actions/workflows/build-crossplatform.yml/badge.svg)](https://github.com/sfuhrm/openssl4j/actions/workflows/build-crossplatform.yml)\n[![Maven Central](https://maven-badges.herokuapp.com/maven-central/de.sfuhrm/openssl4j/badge.svg)](https://maven-badges.herokuapp.com/maven-central/de.sfuhrm/openssl4j)\n[![License](https://img.shields.io/badge/License-Apache_2.0-blue.svg)](https://opensource.org/licenses/Apache-2.0)\n\nOpenSSL4J is a Java bridge to the native OpenSSL library.\nOn the Java side it's offering the\nconventional [MessageDigest](https://docs.oracle.com/javase/8/docs/api/java/security/MessageDigest.html) class. In the background the calls\nwill be translated to the native OpenSSL library with all its\n[optimizations](https://www.openssl.org/docs/faq-4-build.txt):\n\n\u003e On x86, the assembly code uses the CPUID instruction (see the\n\u003e OPENSSL_ia32cap.pod manpage) to determine if various instructions (AES,\n\u003e SSE, MMX, etc) are available and will use them if so.  For other processors,\n\u003e similar tests are performed if at all possible.\n\n## Features\n\n* Performance: The main feature of OpenSSL4J is performance: The MD5-implementation of OpenSSL4J is\ntypically 67% to 102% faster than the pure Java version from SUN.\n* Functionality: There are some algorithms available in OpenSSL4J that are not available in the normal SUN crypto provider.\n\n## Performance\n\nThe following picture shows a performance comparison of\n\n* BouncyCastle crypto provider (version 1.70)\n* Adoptium JDK SUN crypto provider (JDK 17.0.6)\n* OpenSSL4j (version 0.3.0)\n\nEach bar shows different throughputs in megabytes per second.\nThe per-bar throughputs contain multiple different test scenarios\nregarding blocks sizes and data structures used for\ndata passing (byte, array, direct ByteBuffer, heap ByteBuffer).\nThe median of the tests is presented by a dark-blue horizontal line\nwithin the bar. The 25% and 75% quantile make up the\narea of the bars.\n\n![bc-sun-ossl-performance.png](./images/bc-sun-ossl-performance.png)\n\nThe benchmark was conducted on a i7-3840QM CPU.\n\n## Building OpenSSL4J for your platform\n\nFor building the application you need\n\n* JDK 8+,\n* Apache Maven,\n* GNU Make,\n* GNU GCC,\n* OpenSSL development headers\n\nTo build the C library for your current platform, wrap it into a maven artifact (openssl4j-objects), build the java parts (openssl4j), execute:\n\n```bash\n$ build.sh\n...\n[INFO] Reactor Summary for OpenSSL4J Parent 0.2.1-SNAPSHOT:\n[INFO] \n[INFO] OpenSSL4J Parent ................................... SUCCESS [  0.953 s]\n[INFO] OpenSSL4J JNI ...................................... SUCCESS [  5.859 s]\n[INFO] ------------------------------------------------------------------------\n[INFO] BUILD SUCCESS\n[INFO] ------------------------------------------------------------------------\n[INFO] Total time:  6.912 s\n[INFO] Finished at: 2023-05-28T20:38:43+02:00\n[INFO] ------------------------------------------------------------------------    \n```\n\n## Building OpenSSL4J for cross-platform\n\nThe current cross-platform build is driven by github actions, using QEMU\nto build different platform shared object library.\nThe github actions are visible to everyone.\nFor the cross-platform build to work with your fork, there\nare some project secrets needed to be set in your\nGithub fork settings:\n\n* DOCKERHUB_USERNAME: Dockerhub username for getting the parent of the build image.\n* DOCKERHUB_TOKEN: Dockerhub secret token.\n* GH_USER: Github username for storing artifacts.\n* GH_PASSWORD: Github password for storing artifacts.\n* SONATYPE_USER: (optional) sonatype username for pushing snapshots.\n* SONATYPE_PASSWORD: (optional) sonatype password for pushing snapshots.\n\n(Date of last update: 2023-05-28)\n\n## Restrictions\n\n* MessageDigest restriction: The current milestone only contains MessageDigest algorithms.\n* Restricted platforms: The code uses dynamic linking to an object library on the machine.\n  Native object code within the JAR file is used for binding the Java code to the native code.\n  There is a restricted amount of platforms supported by the Github Actions\n  builder (see below).\n\n## Usage\n\n### Dynamic security provider configuration\n\nThe following example show how to create a MD5 message digest instance with the\ndynamically chosen security Provider:\n\n---------------------------------------\n\n```java\nimport de.sfuhrm.openssl4j.OpenSSL4JProvider;\n\n...\n\nMessageDigest messageDigest = MessageDigest.getInstance(\"MD5\", new OpenSSL4JProvider());\nmessageDigest.update(\"hello world!\".getBytes(Charset.forName(\"ASCII\")));\nbyte[] digest = messageDigest.digest();\n```\n\n---------------------------------------\n\n### Installing it in the JDK\n\nYou can also install the provider in your JDK installation. Open the `java.security` file in an editor:\n\n* Linux, or macOS: `\u003cjava-home\u003e/conf/security/java.security`\n* Windows: `\u003cjava-home\u003e\\conf\\security\\java.security`\n\nTo be used effectively, insert it in front of the SUN provider. If this is how the original file looks:\n\n---------------------------------------\n\n```\nsecurity.provider.1=SUN\nsecurity.provider.2=SunRsaSign\nsecurity.provider.3=SunEC\nsecurity.provider.4=SunJSSE\nsecurity.provider.5=SunJCE\nsecurity.provider.6=SunJGSS\nsecurity.provider.7=SunSASL\nsecurity.provider.8=XMLDSig\nsecurity.provider.9=SunPCSC\n...\n```\n\n---------------------------------------\n\nthen the new file could look like this after inserting and renumbering the entries:\n\n---------------------------------------\n\n```\nsecurity.provider.1=OpenSSL4J\nsecurity.provider.2=SUN\nsecurity.provider.3=SunRsaSign\nsecurity.provider.4=SunEC\nsecurity.provider.5=SunJSSE\nsecurity.provider.6=SunJCE\nsecurity.provider.7=SunJGSS\nsecurity.provider.8=SunSASL\nsecurity.provider.9=XMLDSig\nsecurity.provider.10=SunPCSC\n...\n```\n\n---------------------------------------\n\n## Including it with Maven\n\nThe recommended way of including the library into your project is using maven:\n\n---------------------------------------\n\n```xml\n\u003cdependency\u003e\n    \u003cgroupId\u003ede.sfuhrm\u003c/groupId\u003e\n    \u003cartifactId\u003eopenssl4j\u003c/artifactId\u003e\n    \u003cversion\u003e0.5.0\u003c/version\u003e\n\u003c/dependency\u003e\n```\n\n---------------------------------------\n\n## Native platforms supported\n\nThere are the following native implementations available inside the JAR file:\n\n* Linux-aarch64\n* Linux-amd64\n* Linux-arm\n* Linux-ppc64le\n* Linux-s390x\n\n## Version notice\n\nPlease note that the current version is experimental.\n\n## Versions\n\nThe version numbers used by `openssl4j` itself comply to the\n[semantic versioning](https://semver.org/) schema.\nEspecially major version changes come with breaking API\nchanges.\n\nThe temporary internal `openssl4j-objects` artifact is using\ndate-derived versions, but it is invisible to maven users.\n\n## Author\n\nWritten 2020-2023 by Stephan Fuhrmann. You can reach me via email to s (at) sfuhrm.de\n\n## License\n\nThe project *is* licensed under [Apache License 2.0](https://www.apache.org/licenses/LICENSE-2.0.txt) after excluding OpenSSL4j release v0.3.0.\n\nThe project *was* licensed under [LGPL 3.0](https://www.gnu.org/licenses/lgpl-3.0.en.html) until including OpenSSL4j release v0.3.0.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsfuhrm%2Fopenssl4j","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsfuhrm%2Fopenssl4j","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsfuhrm%2Fopenssl4j/lists"}