United StatesChange Country, Oracle Worldwide Web Sites Communities I am a... I want to...
Bug ID: JDK-7022467 SecretKeyFactory doesn't support algorithm "AES" on Windows and Linux
JDK-7022467 : SecretKeyFactory doesn't support algorithm "AES" on Windows and Linux

Details
Type:
Bug
Submit Date:
2011-02-25
Status:
Closed
Updated Date:
2012-03-22
Project Name:
JDK
Resolved Date:
2011-05-24
Component:
security-libs
OS:
generic
Sub-Component:
java.security
CPU:
generic
Priority:
P2
Resolution:
Fixed
Affected Versions:
7
Fixed Versions:

Related Reports
Relates:

Sub Tasks

Description
The CCC 5001004 integrated in JDK7 b130 defines the following security algorithm requirements for javax.crypto.SecretKeyFactory: AES DES DESede
The algorithm "AES" is not supported on Windows and Linux.

Please see the following code:
-----------------------------------------------------------
import java.security.NoSuchAlgorithmException;
import javax.crypto.SecretKeyFactory;
public class SKF {
    public static void main(String[] args) {
        String[] algorithms = {"AES", "DES", "DESede"};
        for (String alg : algorithms) {
            try {
                SecretKeyFactory.getInstance(alg);
            } catch (NoSuchAlgorithmException e) {
                e.printStackTrace();
            }
        }
    }
}
-----------------------------------------------------------

It's output on Windows and Linux is:
-----------------------------------------------------------
java.security.NoSuchAlgorithmException: AES SecretKeyFactory not available
	at javax.crypto.SecretKeyFactory.<init>(SecretKeyFactory.java:108)
	at javax.crypto.SecretKeyFactory.getInstance(SecretKeyFactory.java:146)
	at SKF.main(SKF.java:11)
-----------------------------------------------------------

                                    

Comments
EVALUATION

This is failing because there is no Java implementation of AES SecretKeyFactory in the JDK. On Solaris it works because there is a PKCS11 implementation. We should not include this as a required algorithm - this was a mistake. An AES SecretKeyFactory implementation does not provide much value, since developers can use a generic SecretKeySpec object to create an AES key and don't really need a SecretKeyFactory.

I will file a CCC and remove this from the required algorithms.
                                     
2011-03-01



Hardware and Software, Engineered to Work Together