Message-Id: <c=US%a=_%p=RSA_Data_Securit%l=LOBESTER-970508230317Z-3966@LOBESTER.rsa.com>
From: Steve Burnett <burnettS@RSA.COM>
To: "'JavaSoft crypto questions'" <java-security@web2.javasoft.com>
Subject: JCE: Cipher algorithm parameters
Date: Thu, 8 May 1997 16:03:17 -0700
In response to one of my earlier questions, you suggested that
parameters for Cipher algorithms could be part of the algorithm name.
For instance, "RC2-40/CBC/PKCS#5" or "RC5-12-64/CFB/PKCS#5".
I now understand some things you probably knew all along. Eventually,
the Security.getImpl method will call getEngineClassName which will call
getProperty. We, as a provider, will write a routine called getProperty
which maps the String algorithm to a class name.
If parameters are part of the algorithm name, we will need to provide
a class for every possible parameter value (or combination of parameter
values), or else lose the parameter information. The other option is to
provide support for only a select few parameters (or combination of
parameters).
One might argue that in the real world, people are going to use 40 or
128-bit RC2, so we're not losing much by limiting the potential
parameters. One might also argue that RC5 has not caught on much yet, so
we're not going to alienate many customers. (Of course, if RC5 is chosen
as the DES replacement by the standards organizations, we will see its
use skyrocket).
On the other hand, it is kind of frustrating to have tremendous power
and flexibility in our algorithms, and then tell our customers, "Sorry,
you can't have access to that power and flexibility."
The Signature class has a setParameter method, why not the Cipher
class?
--Steve Burnett
burnetts@rsa.com