GlaSSLess

A Java Cryptography Architecture (JCA) provider that wraps OpenSSL using Java's Foreign Function & Memory API. Native performance with pure Java distribution.

Maven Central Java 25+ OpenSSL 3.0+ Apache 2.0
Get Started View on GitHub

Features

🚀

Native Performance

Leverages OpenSSL's highly optimized cryptographic implementations. Up to 8x faster for asymmetric operations like Ed25519 signatures.

Hybrid Mode

Best of both worlds: automatically uses JDK for SHA/HMAC (10x faster) and OpenSSL for ECDH/EdDSA (8x faster). 8.4x faster than pure JDK overall.

No Native Compilation

Uses Java's FFM (Foreign Function & Memory) API for native interoperability. No JNI code or native compilation required.

🔒

FIPS 140-3 Compliant

Full FIPS compliance via OpenSSL's validated module. Supports FIPS 180, 186, 197, 198, 202, 203, 204, and 205 standards.

📦

Drop-in Replacement

Standard JCA provider interface. Register once and use with existing Java cryptographic code without modifications.

📚

380+ Algorithms

Comprehensive coverage: 146 ciphers, 56 signatures, 35 secret key factories, 33 key pair generators, 20 MACs, 18 digests, 14 KDFs including TLS 1.3.

🌍

Post-Quantum Ready

Full support for NIST post-quantum standards: ML-KEM (FIPS 203), ML-DSA (FIPS 204), SLH-DSA (FIPS 205), plus hybrid KEMs like X25519MLKEM768.

Multi-Version OpenSSL CI

Continuously tested against OpenSSL 3.0 (system), 3.5 (LTS), 3.6 (stable), and 4.0 (upcoming) across JDK 25 and 27-ea on amd64 and arm64.

Quick Start

<dependency>
   <groupId>net.glassless</groupId>
   <artifactId>glassless-provider</artifactId>
   <version>0.9.0</version>
</dependency>

import java.security.Security;
import net.glassless.provider.GlaSSLessProvider;

// Register the provider
Security.addProvider(new GlaSSLessProvider());

// Use with any JCA API
MessageDigest md = MessageDigest.getInstance("SHA-256", "GlaSSLess");
byte[] hash = md.digest("Hello, World!".getBytes());