Claymore GoNative Provider

The GoNative Provider (GNP) is a JNI bridge allowing acceleration of JCE-based programs with calls to native code (based on OpenSSL). The Provider is designed to work seamlessly with Claymore PureTLS. PureTLS automatically loads the provider if it's available. PureTLS with GNP is approximately 10x faster than unaccelerated PureTLS.

GNP was developed by Eric Rescorla for Claymore Systems, Inc. but is being distributed for free because we believe that basic network security is a public good and should be a commodity. GNP is licensed under a Berkeley-style license, which basically means that you can do anything you want with it, provided that you give us credit and retain our copyrights.

The current version is 1.0b1, which means it's a beta quality release.

Bug reports should be sent to EKR.

Algorithm support

GNP provides acceleration for the following algorithms:

	MD5
	SHA-1
	HMAC (SHA-1 and MD5)
	DES-CBC
	3DES-CBC
	RC4
	DSA
	DH

We're planning to add RSA support in the next beta.

Downloading: Now available worldwide

The US finally changed their export rules so GoNative Provider is available worldwide.

GNP depends on OpenSSL. We recommend version 0.9.4 or later.

You can get the package from here

Platform Support

Because GNP partially consists of C code, it may need some porting to work on your platform. We supply Makefiles for FreeBSD, Win32 and Solaris. Porting to other Unix variants should be straightforward.

Bugs

SHA-1 support is actually SHA. The output is also truncated to 16 bytes (the length of MD5). This makes the SHA support less than useful. Also, none of the algorithms support clone. The upshot of this is that if you want to use GNP with PureTLS you need to make sure that the Sun provider is in place first so you get the Sun digest algorithms. This means you can't use GNP to accelerate message digests with PureTLS. This will be fixed in the next version