First post here, so: hello everybody ... I'm working on a project which involves an embedded device running Java and presenting the JCE API to applications. Currently the JCE provider used is BouncyCastle. This works, but slowly, most conspicuously during generation of RSA keys.
One course I am considering is to replace some of the most time-consuming classes by wrappers for calls to the openssl library. The BC code seems quite well adapted to this; there is an inner library with classes such as "RSAGenerateKeyPair" and an outer layer of classes which deal with the JCE API. Generating a key pair (for any assymetric cipher) involves a call to init() which passes parameters and a call to generateKeyPair() which returns the keys. The tricky part is that one of the parameters passed during init() is a reference to an object of type SecureRandom, i.e. a PRNG. That means that the key generation function must be able to call an external PRNG (actually a JNI wrapper which calls a Java method). I'm not sure how to do this in SSL (is it part of the ENGINE API?), or even whether it can be done at all with the required semantics (in theory each instance of RSAGenerateKeyPair could have a different PRNG). Any ideas, documentation pointers, etc.? Best wishes -- Chris Gray /k/ Embedded Java Solutions Embedded & Mobile Java, OSGi http://www.kiffer.be/k/ [EMAIL PROTECTED] +32 3 216 0369 ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]