I am implementing an authentication method in a binding, that requires AES-256 keys.
It looks like by default java supports only up to 128-bit keys and enabling 256-bit keys requires explicitly setting a security unlimited policy. In the older update versions it even required installing special libraries.
I am asking for an initial opinion on what would be a way to permanently enable it in openHAB, so users don’t have to edit properties manually? I am interested in both technical and legal implications.
Well, since OH does not ship with its own JRE I think the only options are to require the user to edit that properties file or modify the start script to modify that properties file. It is a JRE setting, not an application by application setting according to that link above.
Of course, this would need to be researched for Oracle JRE, OpenJDK, and Zulu as OH supports and recommends all three.