> Is this an open-source effort? (JCE Interface to OpenSSL)? > i'd like to use it as well.
Yeah, but it's not in the form of a complete solution so user beware. Just a few needed algorithms and operations are implemented, and we don't implement RSA crypto directly because it's not a signed JCE. You can plug in a signature provider without getting your jar signed, so Walter and Noah basically implemented the signature operation by calling into OpenSSL for the RSA crypto, but you can't invoke the RSA from Java directly outside of the signature calls. The code's checked into our cvs: http://cvs.internet2.edu/cgi-bin/viewcvs.cgi/NativeJCE/ Check out details can be found on the www.opensaml.org site for that cvs. There are no copyright statements embedded in the files yet, but for now consider the code covered by the Shibboleth license, which is Apache-like: http://shibboleth.internet2.edu/license.html -- Scott
