On mån, 2014-03-03 at 04:25 -0500, David Walluck wrote: > On 03/03/2014 03:39 AM, David Juran wrote: > > Is there any way of knowing which crypto:s are supported by a specific > > bouncycastle installation? I.e. will this work with bouncycastle-1.46 on > > F20 or will it require rawhide with bouncycastle-1.50? > > The easiest way to check is to make a test class and to put the call > from the last email inside a try..catch block as it will throw a > NoSuchAlgorithmException if it's not supported in that version. So for the curious, it seems that both the F20 and rawhide versions do support ECDH. For F19, I'm still pushing it to testing, so I guess we'll find out (-: > To look for the supported algorithms more specifically, it is a bit > complicated since DH is actually an alias. I don't currenly have EC on > my system, but it will look something like: > Alg.Alias.KeyAgreement.DH:DiffieHellman (but the EC variant). > > You could start with something like: java.security.Provider p = > java.security.Security.getProviders(). Here p.getName() will return > something like "BC" for bouncycastle. Then, you could iterate over > java.security.Provider.stringPropertyNames(). At least if you use this > code you can verify that the BC provider is loaded and all of the > algorithms that it supports. What I actually did was just to do java.security.Security.addProvider(new BouncyCastleProvider()) without much further checking. But I guess if https://bugzilla.redhat.com/show_bug.cgi?id=711090 got solved, I wouldn't even have to do that. > NB: In the code I gave in the last email, the addition of the second > argument "BC" will force the BC provider to be used, otherwise it will > check all available providers. I think you should actually prefer to > check them all, although it does not look like the SunEC Provider is > available in OpenJDK which will make having BC loaded a requirement. Bah, makes total sense, so much for pushing before reading the _entire_ email. Thanks (-: -- David Juran Sr. Consultant Red Hat +46-725-345801 -- java-devel mailing list java-devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/java-devel
