Please help me with this simple problem. I'm trying to create an SSLServerSocket that is enabled with the 2 AES 256-bit cipher suites that are supposed to be available in JDK1.4.2. As you can see in the following code, when the program attempts to enable the SSLServerSocket, ss, with CIPHER_SUITES, an exception occurs. The exception basically says that the TLS_DHE_RSA_WITH_AES_256_CBC_SHA cipher suite wasn't found. What's up?
_______________________________________________
String[] PROTOCOLS = {"SSLv3", "TLSv1"};
String[] CIPHER_SUITES = {"TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
"TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
"SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA",
"TLS_RSA_WITH_AES_256_CBC_SHA",
"TLS_RSA_WITH_AES_128_CBC_SHA",
"SSL_RSA_WITH_3DES_EDE_CBC_SHA"};
// create an SSLServerSocket ss
SSLContext context = SSLContext.getInstance("TLS", "SunJSSE");
context.init(myKeyManagers, myTrustManagers, SecureRandom.getInstance("SHA1PRNG", "SUN"));
SSLServerSocketFactory ssFactory = context.getServerSocketFactory();
SSLServerSocket ss = ssFactory.createServerSocket();
ss.setEnabledProtocols(PROTOCOLS);
ss.setEnabledCipherSuites(CIPHER_SUITES); // EXCEPTION OCCURS HERE (exception output is printed below)
// output a bunch of useful debugging information
System.out.println(System.getProperty("java.version") + "\n");
Provider[] providers = Security.getProviders();
for(int i=0; i < providers.length; ++i)
System.out.println(providers[i] + "\n" + providers.getInfo() + "\n********************");
String[] enabledProtocols = ss.getEnabledProtocols();
for(int i=0; i < enabledProtocols.length; ++i)
System.out.println(enabledProtocols[i]);
String[] enabledCipherSuites = ss.getEnabledCipherSuites();
for(int i=0; i < enabledCipherSuites.length; ++i)
System.out.println(enabledCipherSuites[i]);
___________________________________________________________________
OUTPUT
java.lang.IllegalArgumentException: Cannot support TLS_DHE_RSA_WITH_AES_256_CBC_SHA with currently installed providers
at com.sun.net.ssl.internal.ssl.CipherSuiteList.<init>(DashoA6275)
at com.sun.net.ssl.internal.ssl.SSLServerSocketImpl.setEnabledCipherSuites(DashoA6275)
at test.util.ConcreteSSLServerSocketFactory.initSocket(ConcreteSSLServerSocketFactory.java:111)
at test.util.ConcreteSSLServerSocketFactory.createServerSocket(ConcreteSSLServerSocketFactory.java:100)
at test.Test.init(Test.java:151)
at test.Test.main(Test.java:111)
JRE Version
1.4.2
Security Providers
SUN version 1.42
SUN (DSA key/parameter generation; DSA signing; SHA-1, MD5 digests; SecureRandom; X.509 certificates; JKS keystore; PKIX CertPathValidator; PKIX CertPathBuilder; LDAP, Collection CertStores)
********************
SunJSSE version 1.42
Sun JSSE provider(implements RSA Signatures, PKCS12, SunX509 key/trust factories, SSLv3, TLSv1)
********************
SunRsaSign version 1.42
SUN's provider for RSA signatures
********************
SunJCE version 1.42
SunJCE Provider (implements DES, Triple DES, AES, Blowfish, PBE, Diffie-Hellman, HMAC-MD5, HMAC-SHA1)
********************
SunJGSS version 1.0
Sun (Kerberos v5)
********************
Enabled Protocols
SSLv3
TLSv1
Enabled Cipher Suites
SSL_RSA_WITH_RC4_128_MD5
SSL_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_RSA_WITH_AES_128_CBC_SHA
TLS_DHE_DSS_WITH_AES_128_CBC_SHA
SSL_RSA_WITH_3DES_EDE_CBC_SHA
SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
SSL_RSA_WITH_DES_CBC_SHA
SSL_DHE_RSA_WITH_DES_CBC_SHA
SSL_DHE_DSS_WITH_DES_CBC_SHA
SSL_RSA_EXPORT_WITH_RC4_40_MD5
SSL_RSA_EXPORT_WITH_DES40_CBC_SHA
SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA