On Tue, Feb 23, 2016 at 2:53 AM, Emmanuel Bourg <ebo...@apache.org> wrote:
> Hi all, > > I got a quick look at the Chimera code. If I understand well it consists > in: > - a native interface to the OpenSSL AES & secure random functions > - an abstraction layer to use the JCE or OpenSSL AES implementation > - an abstraction layer to use the JCE or OpenSSL secure random > - encrypting/decrypting input/output streams > > Sorry if it sounds naive, but why not accessing the OpenSSL functions > through a JCE provider instead of building an abstraction layer on top > of another abstraction layer (JCE). The Apache JuiCE project was an > attempt to implement this idea a few years ago [1]. With an OpenSSL > based JCE provider the CryptoInput/OutputStream could probably be > replaced by javax.crypto.CipherInput/OutputStream. As for the secure > random part the standard java.security.SecureRandomSpi mechanism could > be used to provide an OpenSSL based implementation. > > What do you think? > Great questions! Looking forward to a reply... Gary > > Another dumb question, isn't AES-NI enabled by default in Java 8 > nowadays [2]? Do you still get a significant speed up with Chimera in > this case? If so I think contributing the improvements to OpenJDK would > be a good idea too, this will benefit everyone in the next Java releases. > > Emmanuel Bourg > > [1] http://incubator.apache.org/projects/juice.html > [2] http://openjdk.java.net/jeps/164 > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org > For additional commands, e-mail: dev-h...@commons.apache.org > > -- E-Mail: garydgreg...@gmail.com | ggreg...@apache.org Java Persistence with Hibernate, Second Edition <http://www.manning.com/bauer3/> JUnit in Action, Second Edition <http://www.manning.com/tahchiev/> Spring Batch in Action <http://www.manning.com/templier/> Blog: http://garygregory.wordpress.com Home: http://garygregory.com/ Tweet! http://twitter.com/GaryGregory