[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[iaik-jce] Data encryption algs for PKCS7



Dear Sirs:
I am writing to enquire which data encryption algorithms may be used in
the  IAIK PKCS7 EnvelopedDataStream.

I use eci.setupCipher(AlgorithmID) to specify the dat encryption
cipher.  For symmetric ciphers for which the AlgorithmID class provides
a static member, those algorithms can be used easily:
cast5_CBC
des_CBC
des_EDE3_CBC
rc2_CBC
rc4

Can other algorithms or other modes be used in PKCS7?  Is it to be done
by defining new AlgorithmID's?  And can the implementation of another
provider (such as Jsafe) be accessed for that algorithm?  If yes, is
there a different way other than to put that provider before IAIK in the
list of providers, which would have effects on other features also be
selected from that provider by precedence.

For example, you provide other modes for 3DES, and you provide an
implementation of Blowfish cipher.

Will the decryption logic in the EncryptedDataStream class be able to
read whatever info about the data encryption algorithm was placed into
the PKCS7 object and generate a request to Cipher.getInstance( ) or the
equivalent to locate an implementation of the correct algorithm?

  Do we have to register an algorithm with an OID and a name?  If so,
which? Does the protected member "implementations" of class AlgorithmID
figure into this?  Is is true that for sending a message encrypted with
a data encryption algorithm, we must do the registration on both the
encrypting side and also on the decrypting side .

Is it an issue of lack of standardized ObjectID's for the algorithms?
Is the ASN1 for the parameters standardized for different providers of
the same algorithm?

Thank you.



--
Mailinglist-archive at http://jcewww.iaik.tu-graz.ac.at/mailarchive/iaik-jce/maillist.html

To unsubscribe send an email to listserv@iaik.tu-graz.ac.at with the folowing content: UNSUBSCRIBE iaik-jce