[
https://issues.apache.org/jira/browse/JSEC-36?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12655724#action_12655724
]
Les Hazlewood commented on JSEC-36:
-----------------------------------
Per the email thread here: http://markmail.org/message/hanrj3cbvwfdz7rd
It appears that a better alternative (and backwards compatible) solution would
be instead to keep the Cipher interface as it is, and add maybe a second
interface:
StatefulCipher (or something similarly appropriately named)
That removes the encryptionKey argument from both method parameter lists. That
is:
Cipher { //stays the same
byte[] encrypt( byte[] raw, byte[] encryptionKey);
byte[] decrypt( byte[] encrypted, byte[] decryptionKey);
}
StatefulCipher {
byte[] encrypt( byte[] raw);
byte[] decrypt( byte[] encrypted);
}
> Cipher refactoring
> ------------------
>
> Key: JSEC-36
> URL: https://issues.apache.org/jira/browse/JSEC-36
> Project: JSecurity
> Issue Type: Task
> Components: Cryptography & Hashing
> Affects Versions: 1.0
> Reporter: Les Hazlewood
> Fix For: 1.0
>
>
> The Cipher interface should be refactored to have two methods:
> byte[] encrypt( byte[] raw);
> and
> byte[] decrypt( byte[] encrypted);
> Since almost all usages of Ciphers in JSecurity don't expect the key to
> change across method invocations. But for the few cases that do require such
> a requirement, we need to move the existing two methods into a new interface:
> VariableKeyCipher or DynamicKeyCipher that contains the existing two methods:
> byte[] encrypt( byte[] raw, byte[] encryptionKey);
> and
> byte[] decrypt( byte[] encrypted, byte[] decryptionKey);
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
