Hi all, I got a quick look at the Chimera code. If I understand well it consists in: - a native interface to the OpenSSL AES & secure random functions - an abstraction layer to use the JCE or OpenSSL AES implementation - an abstraction layer to use the JCE or OpenSSL secure random - encrypting/decrypting input/output streams
Sorry if it sounds naive, but why not accessing the OpenSSL functions through a JCE provider instead of building an abstraction layer on top of another abstraction layer (JCE). The Apache JuiCE project was an attempt to implement this idea a few years ago [1]. With an OpenSSL based JCE provider the CryptoInput/OutputStream could probably be replaced by javax.crypto.CipherInput/OutputStream. As for the secure random part the standard java.security.SecureRandomSpi mechanism could be used to provide an OpenSSL based implementation. What do you think? Another dumb question, isn't AES-NI enabled by default in Java 8 nowadays [2]? Do you still get a significant speed up with Chimera in this case? If so I think contributing the improvements to OpenJDK would be a good idea too, this will benefit everyone in the next Java releases. Emmanuel Bourg [1] http://incubator.apache.org/projects/juice.html [2] http://openjdk.java.net/jeps/164 --------------------------------------------------------------------- To unsubscribe, e-mail: dev-unsubscr...@commons.apache.org For additional commands, e-mail: dev-h...@commons.apache.org
