Hi everyone,
Apologies in advance for what is probably a rather naive question. Current
distributions of Apache XML-Security contain no third party JCE, but all of
the documentation points to using the latest versions of the Bouncy Castle
JCE as the provider for XML-Security. I am dealing with clients that are
hyper-sensitive to non-U.S. crypto implementations, and so I pose the
question:
If I am using J2SE 1.4.2 (1.4.2_03, to be precise), does the default Sun
provider that ships with 1.4.2 provide everything I need to use XML-Security
to both sign and encrypt? I was initially suspicious of the SunJCE
supporting SHA1withRSA (I am primarily concerned with XML-DSIG), but it
appears to me that 1.4.2 SunJCE supports it just fine.
I would sincerely be grateful if someone could either confirm that the
1.4.2 SunJCE supports all of the Apache XML-Security use cases OR provide me
with a list of use cases that require a third party JCE such as Bouncy
Castle.
Regards,
-Jon
