Giovanni Schmid wrote: > Hi crypto-folks ! > Please, could someone explain me why consumers as encrypt and decrypt are > unaware of blowfish, but pkcs11_softtoken.so implements it ?
It is historical, at the time we wrote encrypt/decrypt Blowfish was not a recognised PKCS#11 mechanism. We got the RSA PKCS#11 working group to add it. However we didn't go back and add it into encrypt/decrypt, we should have done. One of the issues with Blowfish and the encrypt/decrypt user interface though is what the keysize should be, since for aes, rc4 we fixed it at 128 (for now historical import restrictions on crypto into some countries). Maybe encrypt/decrypt needs to change to allow specifying the key size (needed for the passphrase case but not for the key in file or key in PKCS#11 token case) ? -- Darren J Moffat
