Should that be PKCS7Padding? Or would that be worse - I don't recall if it's one of the "must have" paddings in the spec.
http://crypto.stackexchange.com/questions/9043/what-is-the-difference-between-pkcs5-padding-and-pkcs7-padding In practice it's unlikely that a software-based crypto provider will be so pedantic that it throws an exception if you try to use PKCS5 with a 256-bit cipher but I'm not sure if that's true if it's a hardware-based crypto provider. Anyone who springs for hardware will probably want something that strictly complies with the spec and PKCS5 is only defined for 64-bit ciphers. Bear On Wed, Oct 23, 2013 at 5:03 AM, Stefan Bodewig <bode...@apache.org> wrote: > On 2013-10-23, Jörg Schaible wrote: > > > boolean supportedKeyLength(int keyLen) throws NoSuchAlgorithmException > > { > > if (Cipher.getMaxAllowedKeyLength("AES/ECB/PKCS5Padding") < keyLen) { > > System.err.println("WARNING: " + getName() > > + " not executed, environment does not support " + keyLen > > + "-bit keys for AES"); > > return false; > > } > > return true; > > Looks a lot nicer than my "catch Exception" approach, thanks. > > Stefan > > --------------------------------------------------------------------- > To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org > For additional commands, e-mail: dev-h...@commons.apache.org > >
