Using encryption that would need Java Policy Files

2020-07-22 10:35发布

if i want to use java and encryption with keys longer than 128bit i have to use the Java Policy Files. How to get those applications up and running with openjre? I get the same error i get using oracle jre without policy files, but i can't simply use the Oracle Policy Files? or can i?

Or would building the project with openjdk help?

Thank You

2条回答
我命由我不由天
2楼-- · 2020-07-22 10:52

The other answer is on the right lines but incomplete. After much screwing around, I hit on the following code which works for me. Don't worry about the legal aspects, Oracle actually has permission to get rid of this stupid export controls nonsense since 2011 but simply hasn't got around to updating the JVM yet! (check their bug tracker if you don't believe me).

Hope this helps. It works on Java 8. That part of the code is unlikely to change much, but obviously, we're fiddling with internal private code here so it could break at any time with any Java update. Caveat emptor.

Field gate = Class.forName("javax.crypto.JceSecurity").getDeclaredField("isRestricted");
gate.setAccessible(true);
gate.setBoolean(null, false);
Field allPerm = Class.forName("javax.crypto.CryptoAllPermission").getDeclaredField("INSTANCE");
allPerm.setAccessible(true);
Object accessAllAreasCard = allPerm.get(null);
final Constructor<?> constructor = Class.forName("javax.crypto.CryptoPermissions").getDeclaredConstructor();
constructor.setAccessible(true);
Object coll = constructor.newInstance();
Method addPerm = Class.forName("javax.crypto.CryptoPermissions").getDeclaredMethod("add", java.security.Permission.class);
addPerm.setAccessible(true);
addPerm.invoke(coll, accessAllAreasCard);
Field defaultPolicy = Class.forName("javax.crypto.JceSecurity").getDeclaredField("defaultPolicy");
defaultPolicy.setAccessible(true);
defaultPolicy.set(null, coll);
查看更多
劳资没心,怎么记你
3楼-- · 2020-07-22 11:09

I found the following. It seems to solve all the policy problems i ever had.

  try {
    Field field = Class.forName("javax.crypto.JceSecurity").getDeclaredField("isRestricted");
    field.setAccessible(true);
    field.set(null, java.lang.Boolean.FALSE);
  } catch (Exception ex) {

  }

It's not nice but working!

查看更多
登录 后发表回答