On Fri, 14 Dec 2007, Darren J Moffat wrote: > Giovanni Schmid wrote: >> Hi crypto-folks ! >> Please, could someone explain me why consumers as encrypt and decrypt are >> unaware of blowfish, but pkcs11_softtoken.so implements it ? > > It is historical, at the time we wrote encrypt/decrypt Blowfish was not > a recognised PKCS#11 mechanism. We got the RSA PKCS#11 working group to > add it. However we didn't go back and add it into encrypt/decrypt, we > should have done. > > One of the issues with Blowfish and the encrypt/decrypt user interface > though is what the keysize should be, since for aes, rc4 we fixed it at > 128 (for now historical import restrictions on crypto into some > countries). Maybe encrypt/decrypt needs to change to allow specifying
Hey Darren - Is there an RFE or bug filed for this, now that these are historic? I don't want to add it to the already large putback for removing these restrictions, but it should be tracked (and maybe another good oss-bite-size candidate) thanks! Valerie -- Valerie Fenwick, http://blogs.sun.com/bubbva Solaris Security Technologies, Developer, Sun Microsystems, Inc. 17 Network Circle, Menlo Park, CA, 94025. 650-786-0461
