[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [iaik-jce] Cipher reset & provider independence



Stef Hoeben wrote:
> 
> Hello,
> 
> 2 little questions:
> 
> - When doing a Cipher.update(), is it possible that the IV buffer is not
> reset?
> This is probably not specified in the JCE specs but the SunJCE provider
> does
> seem to reset the IV buffer to the value given with the init() method.

My reading of the spec says that the Cipher.getIV() method will return
the same value until a Cipher.init() method is called.

After a Cipher.doFinal() the Cipher object should be in exactly the
same state it was right after the previous Cipher.init() call.

> - About provider indepency of JCA/JCE: how can you use a KeySpec or an
> AlgorithmParameterSpec in a provider independent way. E.g. if I want to use
> the GOSTParameterSpec class, I have to write iaik.security.cipher.GOSTPa-
> rameterSpec in my code (which is not provider indpendent).

Generally unless the KeySpec introduces some special features (e.g. the
DESKeySpec) then a SecretKeySpec should work for the Cipher.  If it
doesnt
complain to your provider vendor :)

bernard.
--
Mailinglist-archive at http://jcewww.iaik.at/mailarchive/iaik-jce/jcethreads.html

To unsubscribe send an email to listserv@iaik.at with the folowing content: UNSUBSCRIBE iaik-jce