Topic: wolfCrypt JNI/JCE 1.9.0 Now Available
wolfCrypt JNI/JCE 1.9.0 is now available for download! This release contains a number of bug fixes and expands the Java Cryptography Extension (JCE) footprint, introducing new algorithms, cipher modes, and capabilities.
wolfCrypt JNI/JCE allows for use of the native wolfCrypt cryptography library from Java. The thin JNI wrapper can be used for direct JNI calls into native wolfCrypt, or the JCE provider (wolfJCE) can be registered as a Java Security provider for integration underneath the Java Cryptography API. wolfCrypt JNI/JCE can also support running on top of the wolfCrypt FIPS 140-3 validated cryptography module.
Highlights from this release are below. See ChangeLog.md for a full list.
New JCE Functionality:
This release adds support for several cryptographic primitives and classes:
Add KeyGenerator implementation (AES, HmacSHA1, HmacSHA256, HmacSHA384, HmacSHA512) (PR 98)
Add SHA-224 support to MessageDigest, Mac, Signature, KeyGenerator (PR 104)
Add SHA-3 support to MessageDigest, Mac, Signature (PR 103)
Add utility method to convert JKS/PKCS12 KeyStore to WKS type (PR 108)
Add more AES mode support to Cipher class (PR 129, 163, 173):
AES/CCM/NoPadding
AES/CTR/NoPadding
AES/ECB/NoPadding
AES/ECB/PKCS5Padding
AES/OFB/NoPadding
AES/CTS/NoPadding
Add AESCMAC (AES-CMAC), AESGMAC (AES-GMAC) to Mac class (PR 129)
Add RSA-PSS support to Signature class (PR 131):
RSASSA-PSS
SHA224withRSA/PSS
SHA256withRSA/PSS
SHA384withRSA/PSS
SHA512withRSA/PSS
Add Cipher.engineGetParameters() support (PR 140)
Add Cipher generic “AES” type support (PR 142)
Add AES and GCM support to AlgorithmParameters class (PR 144)
Add HmacSHA3 support to KeyGenerator class (PR 150):
HmacSHA3-224
HmacSHA3-256
HmacSHA3-384
HmacSHA3-512
Add toString() to WolfCryptRandom, used when printing SecureRandom object (PR 154)
Add additional ECC algorithm OIDs to Signature and KeyPairGenerator classes (PR 158)
Add EC KeyFactory support (PR 159)
Add P1363 ECDSA signature formats to Signature class (PR 160)
Add DH support to AlgorithmParameter, AlgorithmParameterGenerator, and KeyFactory classes (PR 161)
Add AES and 3DES support to SecretKeyFactory and SecretKey classes (PR 164)
Add additional AES and Hmac algorithm aliases to Cipher and Mac classes (PR 166)
Add Java ServiceLoader support for wolfJCE provider for Java Module System (JPMS) compatibility (PR 167)
Add RSA KeyFactory support (PR 169)
Add MessageDigest OID alias values for SHA-224/256/384/512 (PR 170)
Add PSS parameter encoding support in WolfCryptPSSParameters class (PR 175)
Add engineProbe() implementation to WolfSSLKeyStore (PR 178)
Add optional KEK caching to WolfSSLKeyStore for performance (PR 176)
Add RSASSA-PSS key support to WolfSSLKeyStore (PR 180)
Stability and Logic Improvements
Beyond new features, version 1.9.0 includes fixes and improvements related to dynamic JNI value retrieval, build issues with older wolfSSL and wolfCrypt FIPS 140-2/140-3 packages, exception handling, PKCS#7 pad/unpad, AES-GCM edge cases, input validation, default value sizes, synchronization, and more!
Modernized Debugging & Testing
To make integration easier for developers with fewer dependencies, version 1.9.0 switches to using the standard Java Logging (java.util.logging) framework for debug logs and uses the Java Instant.ofEpochMilli() for timestamps instead of java.sql.Timestamp.
Improved Testing and CI Coverage
CI coverage has been expanded to include the following additional pull request tests. JUnit test output has also been modified to include the time taken per test.
AddressSanitizer (-fsanitize=address)
Clang scan-build static analysis
Visual Studio Windows builds
Android emulator unit test runs
Builds against the last 5 stable wolfSSL versions for backwards compatibility testing
wolfCrypt JNI/JCE 1.9.0 can be downloaded from the wolfSSL download page, and an updated version of the wolfCrypt JNI/JCE User Manual can be found here. For any questions, or to get help using wolfSSL products in your projects, contact us at support@wolfssl.com.
If you have questions about any of the above, please contact us at facts@wolfssl.com or call us at +1 425 245 8247.
Download wolfSSL Now