geronimo-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alan D. Cabrera" <>
Subject Re: IDEA block cipher inclusion via the "bouncy castle" JCE provider
Date Wed, 31 Aug 2005 16:05:26 GMT
Rick McGuire wrote, On 8/31/2005 5:15 AM:

> I've been digging through the code trying to understand how/why the 
> asn1 code is getting used.  It appears the BC code is just being used 
> to encode/decode X509 names for transport-level security.  This is 
> done in two places:
> 1)  the mech_oid field in the SECIOP_SEC_TRANS structure, and
> 2)  SAS_ContextSec supported_naming_mechanisms array.
> These fields are just defined as opaque byte[] items, so I suspect any 
> encoding is acceptable as long as it is used symmetrically.  

Any encoding is fine so long as it's ASN DER.  I interpret your 
statement to mean that any implementation is fine.

> The BC asn1 support has APIs for encoding/decoding X509 names, so it 
> was convenient to use here.  There does not appear to be any crypto 
> engine involvement in this process.
> It appears the need here is not for asn1 support, but rather the 
> ability to consistently encode OIDs which are in an X509 name format.

Nope, one must use ASN1 DER.

Dain's got the right idea.  Let's use Trifork's code for the encoding work.


View raw message