org.jruby.ext.openssl.Cipher falls back to smaller keys automatically without any warning or something. This was the cause of a lot of trouble in my app:
As it turned out the unrestricted security pack of Sun's JRE was not installed on my production box. So my app used 128 bit keys instead of the requested 256 bits - me being totally unaware of it.
That's not good of course, but so far the app was working (with weaker encryption though). The real bummer was this: I start some rake tasks every once in a while and those are run with IcedTea (was preinstalled on that Linux box). And guess what: IcedTea doesn't have that security restriction (like Apple's JRE or MRI of course). I ended up with mixed key sizes.
IMO this automatic degradation of the key size shouldn't happen.