A first usable JuiCE version

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

A first usable JuiCE version

Werner Dittmann
All,

after some tests und updates here a first version of
JuiCE. Have a look at the attached README.txt file
to get some more information.

As usual pls report problems etc to the list.

Regards,
Werner

* What is JuiCE? *

JuiCE is a Java Crypro Extension (JCE) provider that uses the openSSL
crypto functions as its crypto, digest, and signature engines. Because
the openSSL implementation is highly optimized JuiCE provides is much
faster than Java-only implementations.

JuiCE provides the standard JCE interfaces. As a regular JCE provider
implementation you can register and use it as described in the relevant
documentation and javadocs.

Refer to  http://java.sun.com/products/jce/reference/docs/index.html for
a full description of the JCE.

NOTE: Currently JuiCE implements only some algorithms (see below). To
check if JuiCE provides and algorithm try to instatiate a Cipher with the
required algorithm and JuiCE as provider id and catch the "NoSuchAlgorithm"
exception. If this exception fires JuiCE does not support this particular
algorithm. In this case get another Cipher instance using another provider
or the standard provider. See the unit tests in the test directory for some
examples how to use JuiCE.


* Implmented algorithms *

Ciphers

- AES (all key sizes), DES, DESEDE in ECB and CBC mode,
  available paddings are: none, PKCS5/PKCS7, ISO10126

- RSA RAW, RSA PKCS1padding, RSA OAEP padding

Digests

- MD2, MD4, MD5, SHA1 (and other SHA up to 512 if the openSSL
  library is built to include those), RIPEMD160

Signatures

- MD5WithRSAEncryption, SHA1WithRSAEncryption (other SHA also
  if supported by openSSL, see remark for digests)

- standard DSA with SHA1

Unit tests for all implemented algorithms are available.


* The native code to bridge Java to openSSL crypto library *

The native code is standard C, prepared to compile/run also
with X86_64 architecture (not yet fully tested), 32 bit works
ok.

The native code also implements the necessary thread lock
callbacks. The thread lock code is compatible with the Java
locking mechanisms (in fact the native code uses the Java
locking to implement the openSSL locks).


* Installation *

NOTE: Do not modify the "juice.jar" - it's a signed jar as per
requirement for JCE provider implementations. Therefore don't
rebuild juice.jar if you perform a SVN checkout.

The "dist" directory contains a zip file which holds a binary
distrubution. The binary distribution consists of

- the "juice.jar" file. Install this file into some directory
  that is referenced in the CLASSPATH. Do not modify the
  "juice.jar" - it's a signed jar as per requirement for JCE
  provider implementations. Therefore don't rebuild juice.jar
  if you perform a SVN checkout.
 
- The unit test classes with sources

- The file "juice-0.0.1.tar.gz" contains the native source code.
  To install this code, unpack the tar file in a directory and
  run ./configure. After that run make and make install (do the
  install step as superuser). The install procedure installs
  the shared library in /usr/local/lib by default. You may change
  this location using appropriate arguments when running
  ./configure.
 
  The configure script needs the environment variable JAVA_HOME.
  This env variable should point to the base directory of your
  JDK. Configure uses this variable to check the java executable
  and to determine if you are using a 32 or a 64 bit Java
  implementation. Configure then crosschecks with your actual
  system and exits if there is a mismatch.
 
  Don't forget to run "ldconfig" after installation to update
  the shared library cache.


* Prerequisits *

JuiCE needs the following additional jar libraries:

commons-logging-1.0.4.jar
    The master link for the commons project:
    http://jakarta.apache.org/commons/index.html

log4j-1.2.9.jar
    The logging library. Required to control the logging, error
    reporting and so on.
   
    See: http://logging.apache.org/

To enable your Java programs to use JuiCE make sure that the
Java runtime can load the native shared library. Therefore either
the "java.library.path" system property must contain the installation
directory of the shared library or you set the LD_LIBRARY_PATH
enviironment variable to contain the installation directory.

* Miscellaneous *

In the unlikely event :-) that you run into problems or find a bug
please use the JuiCE mailing list: [hidden email].





---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]