Details
-
Bug
-
Status: Resolved
-
Low
-
Resolution: Fixed
-
None
-
None
-
OpenJDK on debian squeeze
-
Low
Description
The socket creation (server or otherwise) in SSLFactory.java calls setEnabledCipherSuites with the values specified in EncryptionOptions.java:
public String[] cipherSuites = { "TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_256_CBC_SHA" };
The call to setEnabledCipherSuites fails on systems that don't have Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 6 because AES256 is not supported.
To avoid installing the unlimited strength policy file the code in SSLFactory.java should call getSupportedCipherSuites to find out which of the suites specified are supported.
Thanks,
George