Werner, Are u familiar with this code? http://svn.apache.org/repos/asf/incubator/juice/. Can we use that project to host your JNI code? (merge whatever is good and throw away the duplicates)?
thanks, -- dims On 10/10/05, Dittmann, Werner <[EMAIL PROTECTED]> wrote: > > Hi, > > I'm just working on that topic to make the provider configurable > because I will need this too :-) - see below > > The various OIDs for AES keygen are due different key length > possible with AES. I didn't found keygen names that allow > the 3 possible keylength. The BC provider specified these > using the OIDs (IMO the OIDs and standard OIDs). > > Just as a side info: I'm also working on a binding of the BC > provider to the openSSL crypto library. First results are promising: > > - for AES, DES, DES3 the openSSL implementation is about > twice as fast (sometimes even more tha 2 times) > > - for RSA (tested with NO PADDING), 1024 bit key, the openSSL > crypto is about 3-4 times faster > > I'm doing hash and signatures as the next steps. > > It has a drawback: it's not a pure Java implementation anymor but > needs the openSSL crypto library plus the JNI code I implemented > as the glue between BC and the openSSL lib. > > > > -----Ursprüngliche Nachricht----- > Von: Kramp, Raymund [mailto:[EMAIL PROTECTED] > Gesendet: Samstag, 8. Oktober 2005 00:54 > An: [email protected] > Betreff: WSS4J w/RSA Crypto-J JCE provider > > > > I've recently been using WSS4J with RSA's Crypto-J 3.5 (JsafeJCE) provider. > I've been able to get it working fine, but have some questions... > > 1) In WSSecurityUtil.getCipherInstance, there's hard-coded > references to the BC provider: > > cipher = Cipher.getInstance("RSA/ECB/PKCS1PADDING", "BC"); > > I patched this class to use an algorithm from JsafeJCE. Is this a bug, or > is there another way that I can specify the asymmetric algorithm? I saw > this mentioned in WSS-6, but the resolution didn't affect WSSecurityUtil. > > 2) When I use AES from JsafeJCE as my symmetric algorithm, > WSEncryptBody.getKeyGenerator retrieves the keygen instance by OID. This > causes a NoSuchAlgorithmException: 2.16… with JsafeJCE. > > To get it working, I changed getKeyGenerator() to do AES lookup's by name: > > private KeyGenerator getKeyGenerator() throws WSSecurityException { > KeyGenerator keyGen = null; > try { > if (symEncAlgo.equalsIgnoreCase(WSConstants.TRIPLE_DES)) { > keyGen = KeyGenerator.getInstance("DESede"); > } else if (symEncAlgo.equalsIgnoreCase(WSConstants.AES_128)) { > //keyGen = > KeyGenerator.getInstance("2.16.840.1.101.3.4.1.2"); > keyGen = KeyGenerator.getInstance("AES"); > } else if (symEncAlgo.equalsIgnoreCase(WSConstants.AES_192)) { > //keyGen = > KeyGenerator.getInstance("2.16.840.1.101.3.4.1.22"); > keyGen = KeyGenerator.getInstance("AES"); > } else if (symEncAlgo.equalsIgnoreCase(WSConstants.AES_256)) { > //keyGen = > KeyGenerator.getInstance("2.16.840.1.101.3.4.1.42"); > keyGen = KeyGenerator.getInstance("AES"); > > Is there a way that I can specify the algorithm name for KeyGenerator > without modifying the WSS4J source? > > Thanks! > Ray -- Davanum Srinivas : http://wso2.com/blogs/
