![]() Configure SSL using Keystores and Self Signed Certificates on Apache Tomcat Signature - GOST R 34.Table Of Contents 1. Now i'm downloaded OpenJDK6, and there i found SUNJCE implementation for AES in source code. may be u don't understand me ) other culture, other air, other weather )įrom commodity-money relations u right that's terrible unprofessional, i know about it ^^, i'm hope everybody knows it. If i'll think about everybody, i have no time think about by myself. I'm tenth on broken telephone, i'm not the manager who finds a customers, i'm not making technical specifications that must be implemented, i'm the one who is doing this, and I absolutely do not care who or what thinks about it. My main concern was that the OP's statement "Im just developer, im not interesting what think customer about that, they want that, i'll try give them what they want." is, from my professional point of view, just unprofessional.that's no matter, i sad i want WRITE PROVIDER for customer (or may be i want to develop own crypto algorithm, and sell them, but there i'm not about mathematics) I have no problem with this but the OP did not mention either SEED or Camellia. In this case I have every right to question the security of his algorithm since I have yet to find a main stream algorithm that does not already have a Provider. The assumption I did make was that, since the OP was talking of creating a Provider, that the algorithm he is proposing to use is not currently implemented in an available Provider. Maybe I should have softened this to ".has been thoroughly analysed and tested." but I was trying to pass on that message. In an earlier response I said "one should be reluctant to use an algorithm other than AES unless one can be sure it has been analysed and tested to the same extent as AES". You should not assume these are insecure.At no point have I said any particular algorithm is insecure and no specific nationality or algorithms were mentioned by the OP. The fact is that other countries, notably South Korea and Japan, have national encryption algorithms SEED and Camellia. Sabre, I think you are making some unwarranted assumptions. ![]() I will not implement or help implement an insecure system when it costs nothing to make it secure. When it comes to the cost arising from an insecure system you should make sure it cannot be laid at your door. YOU) if they allow an insecure system to be deployed. You can be sure that when the sh1t hits the fan, and it will hit the fan, then it will all be deposited on the developers (i.e. As a professional developer, if I am asked to implement an insecure system I tell them that it is insecure and, if they won't make appropriate changes, I make sure that everyone knows the system is likely to be insecure. As a humanitarian, if I see someone about to jump of a cliff I try to stop them. It does not matter where one lives, one should be reluctant to use an algorithm other than AES unless one can be sure it has been analysed and tested to the same extent as AES.Im just developer, im not interesting what think customer about that, they want that, i'll try give them what they want.This is where we differ in our attitude. I don't live in the USA but I use AES because in most countries it is the preferred symmetric encryption algorithm. now im trying check Bounty Castle for custom providers. I've checked documentation for JCA and JCE, but that's document's have description character for my opinion.įrom what i must start to accomplish that task? ![]() My primary objective is now create custom algorithm in java (like AES in that example) which can be used with keytool command for creating keystore which in future will used for IRM content sealing. Unless you have a burning need to increase the key lengths or you need to comply to a regulation or government mandate, AES192 is a good start." and finished when they start server (till end).įirstly they point what from that option (1) persist crypto algorithm, and then write about 2-3. When i install Oracle Information Rights Manager i created keystore with type jceks and aes algorithm which used for content seal.īut now i don't understand enought what that mean, need some moments to clarify.Ģ) - start from words "The General Settings page allows you to set the cryptographic algorithms used for protecting sealed content. Now im interesting that command: keytool -genseckey -storetype JCEKS -alias -keyalg AES -keysize 128 -keystore irm.jceks ( ) Im new in cryptography, but im think for along time.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |