[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [iaik-jce] Sperately Signed and Enveloped PKCS #7
Yes, Piped*Streams are the way to go. In cases where the pipe buffer size is
a performance issue (it may be unless thread scheduling is fast) you can
increase the buffer size by using extending the PipedInputStream class and
using something like:
===
public MyPipedInputStream() {
super();
buffer = new byte[16384];
}
===
Works fine.
Andreas Sterbenz mailto:Andreas.Sterbenz@iaik.at
----- Original Message -----
From: "Bill Vanyo" <vanyo@echoes.net>
To: <iaik-jce@iaik.tu-graz.ac.at>
Sent: Saturday, January 27, 2001 3:39 PM
Subject: [iaik-jce] Sperately Signed and Enveloped PKCS #7
> The PKCS #7 standard and the IAIK javadocs recommend that when signing
> and encrypting with PKCS7, it is preferable to sequentially first sign
> (Signed Data) and then encrypt (Enveloped Data with the resulting Signed
> Data as encypted content), rather than to use the Signed and Enveloped
> Data structure.
>
> In a situation where the amount of data to be signed and enveloped is
> large, and it is undesireable to have a large intermediate buffer,
> should it be feasible to have two threads connected via a
> PipedOutputStream and PipedInputStream, one doing the signing, the other
> encrypting the result?
>
> My concern is that there seems to be no way to control the size of the
> buffer used by the piped streams.
>
> - Bill Vanyo
smime.p7s