commons-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Bear Giles <bgi...@coyotesong.com>
Subject Re: [compress] Strong Crypto in Tests
Date Wed, 23 Oct 2013 12:42:15 GMT
Should that be PKCS7Padding? Or would that be worse - I don't recall if
it's one of the "must have" paddings in the spec.

http://crypto.stackexchange.com/questions/9043/what-is-the-difference-between-pkcs5-padding-and-pkcs7-padding

In practice it's unlikely that a software-based crypto provider will be so
pedantic that it throws an exception if you try to use PKCS5 with a 256-bit
cipher but I'm not sure if that's true if it's a hardware-based crypto
provider. Anyone who springs for hardware will probably want something that
strictly complies with the spec and PKCS5 is only defined for 64-bit
ciphers.

Bear


On Wed, Oct 23, 2013 at 5:03 AM, Stefan Bodewig <bodewig@apache.org> wrote:

> On 2013-10-23, Jörg Schaible wrote:
>
> >  boolean supportedKeyLength(int keyLen) throws NoSuchAlgorithmException
> >  {
> >    if (Cipher.getMaxAllowedKeyLength("AES/ECB/PKCS5Padding") < keyLen) {
> >      System.err.println("WARNING: " + getName()
> >        + " not executed, environment does not support " + keyLen
> >        + "-bit keys for AES");
> >      return false;
> >    }
> >    return true;
>
> Looks a lot nicer than my "catch Exception" approach, thanks.
>
> Stefan
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@commons.apache.org
> For additional commands, e-mail: dev-help@commons.apache.org
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message