{"id":19579737,"url":"https://github.com/wolfssl/wolfcrypt-jni","last_synced_at":"2026-04-16T01:05:24.012Z","repository":{"id":22610281,"uuid":"96452298","full_name":"wolfSSL/wolfcrypt-jni","owner":"wolfSSL","description":"wolfCrypt JCE provider and JNI wrapper","archived":false,"fork":false,"pushed_at":"2025-03-28T21:53:07.000Z","size":2107,"stargazers_count":32,"open_issues_count":1,"forks_count":15,"subscribers_count":19,"default_branch":"master","last_synced_at":"2025-04-04T23:11:15.379Z","etag":null,"topics":["android","android-fips","cryptography","embedded","fips","jce","jce-provider","jni","jni-android","jni-wrapper","security","wolfssl"],"latest_commit_sha":null,"homepage":"https://www.wolfssl.com","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/wolfSSL.png","metadata":{"files":{"readme":"README.md","changelog":"ChangeLog.md","contributing":null,"funding":null,"license":"COPYING","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":"AUTHORS","dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-07-06T16:49:52.000Z","updated_at":"2025-03-28T21:53:11.000Z","dependencies_parsed_at":"2023-01-11T21:41:51.571Z","dependency_job_id":"f60b3504-0c7f-418b-8b80-9241027f9546","html_url":"https://github.com/wolfSSL/wolfcrypt-jni","commit_stats":null,"previous_names":[],"tags_count":9,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wolfSSL%2Fwolfcrypt-jni","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wolfSSL%2Fwolfcrypt-jni/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wolfSSL%2Fwolfcrypt-jni/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wolfSSL%2Fwolfcrypt-jni/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/wolfSSL","download_url":"https://codeload.github.com/wolfSSL/wolfcrypt-jni/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":251112528,"owners_count":21538162,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["android","android-fips","cryptography","embedded","fips","jce","jce-provider","jni","jni-android","jni-wrapper","security","wolfssl"],"created_at":"2024-11-11T07:18:50.580Z","updated_at":"2026-04-16T01:05:23.998Z","avatar_url":"https://github.com/wolfSSL.png","language":"Java","funding_links":[],"categories":[],"sub_categories":[],"readme":"\n## wolfCrypt JCE Provider and JNI Wrapper\n\nThis packages includes both a JNI wrapper and JCE provider around the native\nwolfCrypt cryptography library. It supports both normal and FIPS validated\nversions of wolfCrypt.\n\nFor instructions and notes on the **JNI wrapper**, please reference this\nREADME.md, or the wolfSSL online user manual.\n\nFor instructions and notes on the **JCE provider**, please reference the\n[README_JCE.md](./README_JCE.md) file, or online user manual.\n\n### Compiling Native wolfSSL (Dependency)\n---------\n\nTo compile the wolfCrypt JNI wrapper and JCE provider, first the native (C)\nwolfSSL library must be compiled and installed.\n\nCompile and install a wolfSSL (wolfssl-x.x.x), wolfSSL FIPS\nrelease (wolfssl-x.x.x-commercial-fips), or wolfSSL FIPS Ready release.\n\nIn any of these cases, you will need the `--enable-jni` ./configure option.\nThe `--enable-jni` option includes all native wolfSSL features needed by\nboth wolfCrypt JNI/JCE (this package) as well as wolfSSL JNI/JSSE (a\nseparate package and repo). If you want the minimal set of requirements needed\nfor only wolfJCE, you can use `--enable-keygen --enable-crl`, where\nCRL support is needed to support JCE `CertPathValidator(PKIX)` CRL support.\n\n**wolfSSL Standard Build**:\n```\n$ cd wolfssl-x.x.x\n$ ./configure --enable-jni\n$ make check\n$ sudo make install\n```\n\n**wolfSSL FIPSv2 (FIPS 140-2 Cert 3389) Build**:\n\n```\n$ cd wolfssl-x.x.x-commercial-fips\n$ ./configure --enable-fips=v2 --enable-jni\n$ make check\n$ sudo make install\n```\n\n**wolfSSL FIPSv5 (FIPS 140-3 Cert 4718) Build**:\n\n```\n$ cd wolfssl-x.x.x-commercial-fips\n$ ./configure --enable-fips=v2 --enable-jni\n$ make check\n$ sudo make install\n```\n\n**wolfSSL FIPS Ready Build**:\n\n```\n$ cd wolfssl-x.x.x-commercial-fips\n$ ./configure --enable-fips=ready --enable-jni\n$ make check\n$ sudo make install\n```\n\n### Compiling wolfSSL JNI/JCE with ant\n---------\n\nwolfCrypt JNI/JCE's ant build is the most stable and well-tested. Newer support\nfor building with Maven has also been added. See section below for instructions\non building with Maven. Continue reading here for instructions to build with\nant.\n\n1) Compile the native wolfCrypt JNI object files. Two makefiles are distributed,\none for Linux (`makefile.linux`) and one for macOS (`makefile.macosx`). First\ncopy the makefile for your platform to a file called `makefile`:\n\n```\n$ cd wolfcrypt-jni\n$ cp makefile.linux makefile\n```\n\nThen compile the native wolfCrypt JNI object files into a native C shared\nlibrary:\n\n```\n$ cd wolfcrypt-jni\n$ make\n```\n\n2) Compile the wolfCrypt JNI/JCE Java sources files, from the wolfcrypt-jni\n   directory:\n\n```\n$ ant (shows possible build targets)\n$ ant \u003cbuild-jni-debug|build-jni-release|build-jce-debug|build-jce-release\u003e\n```\n\nIn order for the JUnit tests to be run correctly when executing \"ant test\",\nplease follow these steps (for Linux/Mac):\n\nRunning \"ant test\" will execute JUnit tests included in this package. These\ntests require JUnit to be available on your system and for the correct JAR\nfiles to be on your `JUNIT_HOME` path.\n\nTo install and set up JUnit:\n\na) Download \"junit-4.13.2.jar\" and \"hamcrest-all-1.3.jar\" from junit.org\n\nb) Place these JAR files on your system and set `JUNIT_HOME` to point to\n   that location:\n\n```\n$ export JUNIT_HOME=/path/to/jar/files\n```\n\nThe JUnit tests can then be run with:\n\n```\n$ ant test\n```\n\nTo clean the both Java JAR and native library:\n\n```\n$ ant clean\n$ make clean\n```\n\n#### API Javadocs\n---------\n\nRunning `ant` will generate a set of Javadocs under the `wolfcrypt-jni/docs`\ndirectory.  To view the root document, open the following file in a web browser:\n\n`wolfcrypt-jni/docs/index.html`\n\n### Compiling wolfSSL JNI/JCE with Maven\n---------\n\nwolfSSL JNI/JCE supports building and packaging with Maven, for those projects\nthat are already set up to use and consume Maven packages.\n\nwolfSSL JNI/JCE's Maven build configuration is defined in the included\n`pom.xml` file.\n\nFirst, compile the native JNI shared library (libwolfcryptjni.so/dylib) same\nas above. This will create the native JNI shared library under the `./lib`\ndirectory:\n\n```\n$ cd wolfcrypt-jni\n$ cp makefile.linux makefile\n$ make\n```\n\nCompile the Java sources, where Maven will place the compiled `.class` files\nunder the `./target/classes` directory:\n\n```\n$ mvn compile\n```\n\nCompile and run JUnit tests using:\n\n```\n$ mvn test\n```\n\nPackage up the wolfCrypt JNI/JCE JAR file using the following command. This will\nrun the JUnit tests then create a `.jar` file located under the `./target`\ndirectory, similar to `target/wolfcrypt-jni-X.X.X-SNAPSHOT.jar`:\n\n```\n$ mvn package\n```\n\nTo build the Javadoc API reference for wolfCrypt JNI/JCE run the following. This\nwill generate Javadoc HTML under the `./docs/apidocs` directory:\n\n```\n$ mvn javadoc:javadoc\n```\n\nTo install the wolfSSL JNI/JCE JAR file, run the following. This will install\nthe JAR into the local Maven repository:\n\n```\n$ mvn install\n```\n\nThe local Maven repository installation location will be similar to:\n\n```\n~/.m2/repository/com/wolfssl/wolfcrypt-jni/X.X.X-SNAPSHOT/wolfcrypt-jni-X.X.X-SNAPSHOT.jar\n```\n\nThe wolfCrypt JNI shared library (`libwolfcryptjni.so/dylib`) created with\n`make` will need to be \"installed\" by being placed on your native\nlibrary search path. For example, copied into `/usr/local/lib`, `/usr/lib`,\nor other location. Alternatively, append the `./libs` directory to your native\nlibrary search path by exporting `LD_LIBRARY_PATH` (Linux) or\n`DYLD_LIBRARY_PATH` (OSX):\n\n```\n$ export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/path/to/wolfcryptjni/lib\n```\n\nAfter wolfCrypt JNI/JCE has been installed into the local Maven repository,\nan application can include this as a dependency in the application's\n`pom.xml` file, similar to (where the version number will change depending\non the current release):\n\n```\n\u003cproject ...\u003e\n    ...\n    \u003cdependencies\u003e\n        \u003cdependency\u003e\n            \u003cgroupId\u003ecom.wolfssl\u003c/groupId\u003e\n            \u003cartifactId\u003ewolfcrypt-jni\u003c/artifactId\u003e\n            \u003cversion\u003e1.10.0-SNAPSHOT\u003c/version\u003e\n        \u003c/dependency\u003e\n    \u003c/dependencies\u003e\n    ...\n\u003c/project\u003e\n```\n\n\n### Java 9+ Module Support (JPMS)\n---------\n\nwolfCrypt JNI/JCE supports the Java Platform Module System (JPMS) introduced\nin Java 9. This enables use with `jlink` for creating custom, minimal Java\nruntimes.\n\n**Module Information:**\n\n- Module name: `com.wolfssl.wolfcrypt`\n- Exported packages: `com.wolfssl.wolfcrypt`, `com.wolfssl.provider.jce`\n- Service provider: `java.security.Provider` (WolfCryptProvider)\n\n**Conditional Compilation:**\n\nThe `module-info.java` is conditionally compiled based on the JDK version used\nto build:\n\n| JDK Used to Build | Resulting JAR |\n|-------------------|---------------|\n| Java 8 | Standard JAR (no module-info.class) |\n| Java 9+ | Modular JAR (includes module-info.class) |\n\nWhen building with Java 8, the `module-info.java` is automatically excluded\nfrom compilation, and the resulting JAR works as a standard classpath JAR.\n\n**Using with jlink:**\n\nWhen built with Java 9+, the wolfCrypt JNI/JCE JAR can be used with `jlink` to\ncreate a custom Java runtime that includes the wolfCrypt module:\n\n```\n$ jlink \\\n    --module-path lib/wolfcrypt-jni.jar:$JAVA_HOME/jmods \\\n    --add-modules com.wolfssl.wolfcrypt \\\n    --output custom-runtime \\\n    --no-header-files \\\n    --no-man-pages\n\n$ ./custom-runtime/bin/java --list-modules\n```\n\n**Note:** The native wolfCrypt JNI shared library (`libwolfcryptjni.so/dylib`)\nmust still be available on the native library path at runtime.\n\n### Example / Test Code\n---------\n\nThe JUnit test code can act as a good usage example of the wolfCrypt JNI\nAPI. This test code is run automatically when \"ant test\" is executed from\nthe root wolfcrypt-jni directory.  The test source code is located at:\n\n`wolfcrypt-jni/src/test/com/wolfssl/wolfcrypt`\n\nJCE-specific examples can be found in the `examples/provider` sub-directory.\nThese examples will only be compiled with either `ant build-jce-debug` or\n`ant build-jce-release` are used. Since these are JCE/provider-only examples,\nthey are not built for JNI-only builds (`ant build-jni-debug/release`).\n\nFor more details, see the [README_JCE.md](./README_JCE.md).\n\n### Custom Native Library Loading\n---------\n\nBy default, wolfCrypt JNI/JCE loads the native `wolfcryptjni` library using\n`System.loadLibrary()`. This requires the native libraries to be located on\nthe system library search path.\n\nFor applications that need custom library loading behavior, such as bundling\nnative libraries inside a JAR file and extracting them at runtime, wolfCrypt\nJNI/JCE supports skipping the automatic library loading via a System property.\n\n**System Property: `wolfssl.skipLibraryLoad`**\n\nWhen set to `\"true\"`, wolfCrypt JNI/JCE will skip calling `System.loadLibrary()`\nfor the native libraries. The application is then responsible for loading the\nnative libraries before any wolfCrypt classes are accessed.\n\nThis property must be set before any wolfCrypt JNI/JCE classes are loaded by the\nJVM, as the native library loading occurs in static initializer blocks.\n\n**Usage Example:**\n\n```java\n/* Option 1: Set via command line */\n/* java -Dwolfssl.skipLibraryLoad=true -jar myapp.jar */\n\n/* Option 2: Load libraries manually with absolute paths, then set property.\n * This must happen at application startup, BEFORE any wolfCrypt classes\n * are accessed or loaded by the JVM. */\nSystem.load(\"/path/to/libwolfssl.so\");\nSystem.load(\"/path/to/libwolfcryptjni.so\");\nSystem.setProperty(\"wolfssl.skipLibraryLoad\", \"true\");\n\n/* Now wolfCrypt classes can be used normally */\n```\n\n**Programmatic Check:**\n\nApplications can check if library loading was skipped using the\n`WolfObject.isLibraryLoadSkipped()` method:\n\n```java\nimport com.wolfssl.wolfcrypt.WolfObject;\n\nif (WolfObject.isLibraryLoadSkipped()) {\n    System.out.println(\"Native library loading was skipped\");\n}\n```\n\n### JAR Code Signing\n---------\n\nThe wolfcrypt-jni.jar can be code signed by placing a \"codeSigning.properties\"\nfile in the \"wolfcrypt-jni\" root directory.  The ant build script (build.xml)\nwill detect the prescense of this properties file and use the provided\ninformation to sign the generated JAR file.\n\n\"codeSigning.properties\" should have the following properties set:\n\n```\nsign.alias=\u003csigning alias in keystore\u003e\nsign.keystore=\u003cpath to signing keystore\u003e\nsign.storepass=\u003ckeystore password\u003e\nsign.tsaurl=\u003ctimestamp server url\u003e\n```\n\nSigning the JAR is important especially if using the JCE Provider with a JDK\nthat requires JCE provider JAR's to be authenticated.  Please see\n[README_JCE.md](./README_JCE.md) for more details.\n\n### Release Notes\n---------\n\nRelease notes can be found in [ChangeLog.md](./ChangeLog.md).\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwolfssl%2Fwolfcrypt-jni","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fwolfssl%2Fwolfcrypt-jni","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwolfssl%2Fwolfcrypt-jni/lists"}