Merge "Mention ECDHE_PSK bug in Javadoc of PskKeyManager." into lmp-docs

author: Alex Klyubin <klyubin@google.com> 2014-10-31 15:36:44 +0000
committer: Android (Google) Code Review <android-gerrit@google.com> 2014-10-31 15:36:45 +0000
commit: dd8accfe0f3d71a4e6402595fea48bf435a09b65 (patch)
tree: 42062552206d1a98f804d912176810b8941eb6bc /core/java
parent: 81fcc85c23eea3905238f3f8d359df0344c37865 (diff)
parent: 8e93f0c3bc8497a7ca1ce97a3bd8948612d52c1e (diff)
1 files changed, 7 insertions, 0 deletions
diff --git a/core/java/android/net/PskKeyManager.java b/core/java/android/net/PskKeyManager.java
index d1622823acd9..f82e6355961c 100644
--- a/core/java/android/net/PskKeyManager.java
+++ b/core/java/android/net/PskKeyManager.java
@@ -81,6 +81,13 @@ import javax.net.ssl.SSLEngine;
  * Subclasses should normally provide their own implementation of {@code getKey} because the default
  * implementation returns no key, which aborts the handshake.
  *
+ * <h3>Known issues</h3>
+ * The implementation of {@code ECDHE_PSK} cipher suites in API Level 21 contains a bug which breaks
+ * compatibility with other implementations. {@code ECDHE_PSK} cipher suites are enabled by default
+ * on platforms with API Level 21 when an {@code SSLContext} is initialized with a
+ * {@code PskKeyManager}. A workaround is to disable {@code ECDHE_PSK} cipher suites on platforms
+ * with API Level 21.
+ *
  * <h3>Example</h3>
  * The following example illustrates how to create an {@code SSLContext} which enables the use of
  * TLS-PSK in {@code SSLSocket}, {@code SSLServerSocket} and {@code SSLEngine} instances obtained
author	Alex Klyubin <klyubin@google.com>	2014-10-31 15:36:44 +0000
committer	Android (Google) Code Review <android-gerrit@google.com>	2014-10-31 15:36:45 +0000
commit	dd8accfe0f3d71a4e6402595fea48bf435a09b65 (patch)
tree	42062552206d1a98f804d912176810b8941eb6bc /core/java
parent	81fcc85c23eea3905238f3f8d359df0344c37865 (diff)
parent	8e93f0c3bc8497a7ca1ce97a3bd8948612d52c1e (diff)