Just dug into:
http://docs.oracle.com/javase/7/docs/technotes/guides/security/jsse/JSSERefGuide.html
and
http://docs.oracle.com/javase/7/docs/technotes/guides/security/crypto/CryptoSpec.html
I can confirm the issue is that BC does not implement the required JSSE
interfaces.
If I am to use akka-streams using TLS and a PSK cipher, I see 2 options:
1) Implement JSSE over BC's TLS API for the cipher that I need
2) Reimplement SslTls in akka-streams to not use JSSE, and to use BC's JCE
classes for encryption
The first option seems like a better route, however I'm not familiar enough
with the JSSE APIs to actually implement it, so it would require me to
spend a bit of time to get familiar with them. Has anyone done something
similar or have any insight into how hard it would be?
If anyone thinks the second option is a better route...let me know! I'm
not sure if akka-streams would benefit from adding support for TLS by not
using JSSE, for situations where there is no JSSE provider for a given
cipher.
On Tuesday, November 17, 2015 at 2:37:07 PM UTC-5, Jim Hazen wrote:
>
> Hmm. I'm not an expert here (just use BC for CloudFront). Have you tried
> keeping your Java 8 SSLContext while combining that with the BC cipher
> support?
>
> Something more like your original, but with the BC ciphers.
>
> Security.addProvider(new
> org.bouncycastle.jce.provider.BouncyCastleProvider())
> val context = SSLContext.getInstance("TLS")
> context.init(null, null, null)
> val cipherSuites =
> NegotiateNewSession.withCipherSuites("TLS_PSK_WITH_AES_128_CBC_SHA")
> val clientTls = SslTls(context, cipherSuites, Client)
>
--
>>>>>>>>>> Read the docs: http://akka.io/docs/
>>>>>>>>>> Check the FAQ:
>>>>>>>>>> http://doc.akka.io/docs/akka/current/additional/faq.html
>>>>>>>>>> Search the archives: https://groups.google.com/group/akka-user
---
You received this message because you are subscribed to the Google Groups "Akka
User List" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/akka-user.
For more options, visit https://groups.google.com/d/optout.
