jce

Here's a simplified version of the code I'm using to perform simple HTTPS requests: // Assume the variables host, file and postData have valid String values final URL url = new URL("https", host, file); final HttpURLConnection connection = (HttpURLConnection) url.openConnection(); connection.setRequestMethod("POST"); connection.setDoInput(true); connection.setDoOutput(true); connection.setRequestProperty("Content-length", String.valueOf(postData.length())); final DataOutputStream output = new DataOutputStream(connection.getOutputStream()); output.writeBytes(postData); output.close(); final

I have a Java app that requires JCE Unlimited Strength policy files to be installed in order to generate certificates. However, currently, the system fails silently if the files are not installed, rather than throwing an exception or something. Is there a programmatic way to check for these files from within the app? thanks. Probably not the cleanest way: If it is not there your application should throw an Exception, so you could try a small encryption test that is supposed to work and catch that exception. That's what I do with Bounty Castle. I suppose you could also check the installed

Currently I need to generate a keypair for GOST 34.10-2001 signature algorithm. It was pleasant to discover that bouncy castle provider has supported this algorithm, but I can not generate a keypair and save it to any keystore of any type. Currently I tried this command (this command works great if keyalg is DSA and sigalg is SHA1withDSA ): keytool -genkey -alias test1 -keyalg ECGOST3410 -keysize 512 -sigalg GOST3411withECGOST3410 \ -keypass test_1 -validity 1000 -storetype JKS -keystore test1.jks -storepass test_1 -v \ -provider org.bouncycastle.jce.provider.BouncyCastleProvider -providerpath

I need a fixed length 64 Byte ECDSA signature with the NIST P-256 Curve. The implementation hast to use JCE. The following code sample can generate a signature and verify it. Provider provSign = new SunEC(); Provider provVerify = new SunEC(); // generate EC key KeyPairGenerator kg = KeyPairGenerator.getInstance("EC", provSign); ECGenParameterSpec ecParam = new ECGenParameterSpec("secp256r1"); kg.initialize(ecParam); KeyPair keyPair = kg.generateKeyPair(); PrivateKey privateKey = keyPair.getPrivate(); PublicKey publicKey = keyPair.getPublic(); try { // export public key KeyFactory kf =

I'm trying to use JSCH to upload a file to a remote SFTP share. Every time I attempt to connect to the share from within my code, I get an exception that looks something like this: com.jcraft.jsch.JSchException: Session.connect: java.security.InvalidKeyException: Key is too long for this algorithm at com.jcraft.jsch.Session.connect(Session.java:558) ~[jsch-0.1.51.jar:na] at com.jcraft.jsch.Session.connect(Session.java:183) ~[jsch-0.1.51.jar:na] I've seen posts that describe this error when upgrading to Java 8, but we're still on Java 7, and I don't know enough about Java's cryptography support

Are the JCE policy files (in {java.home}/lib/security) overwritten with the standard strength policy files after a JRE update? or are these left alone on JRE update? EDIT: Does anyone know if the Mac OS X JRE ships with the unlimited policy files? Thanks Jon In my experience using JCE policy files, it did replace the files and I was frustrated. I ended up replacing the files at first run. But at the end, using Bouncy Castle API was more appropriate, there was no need to have the unlimited strength files. It was a cleaner solution. http://www.bouncycastle.org/ 来源： https://stackoverflow.com

I am supposed to create a BKS keystore and store a private Application key which is a 48 character long string in this Keystore. I also have a JCEKS keystore which has this key value already in it. If I try to convert into BKS type keystore using portecle tool, the Key entry is lost. I am new to JCE. Can someone please guide me as to what needs to be done to import this Key in the Keystore? Thanks. Try this command keytool -importcert -v -trustcacerts -file "cacert.pem" -alias ca -keystore "mySrvTruststore.bks" -provider org.bouncycastle.jce.provider.BouncyCastleProvider -providerpath "bcprov

JDK1.8.0_151的无限制强度加密策略文件变动 JDK1.8.0_151无需去官网下载 local_policy.jar US_export_policy.jar 这个jar包，只需要修改 Java\jdk1.8.0_151\jre\lib\security 这目录下的 java.security 文件配置即可。 随着越来越多的第三方工具只支持 JDK8，最近公司也计划从 JDK7 升级到 JDK8，在线下环境升级过程中，发现某些项目报以下异常： java.security.InvalidKeyException: Illegal key size 这是因为某些国家的进口管制限制，JDK默认的加解密有一定的限制。 比如默认不允许 256 位密钥的 AES 加解密，解决方法就下载官方 JCE无限制强度加密策略文件 ，覆盖即可。 但是发现公司选用的 1.8.0_151 版本的 $JAVA_HOME/jre/lib/security/ 目录下面多了一个 policy 文件夹，里面还有两个文件夹 ├── limited │ ├── local_policy.jar │ └── US_export_policy.jar └── unlimited ├── local_policy.jar └── US_export_policy.jar 于是搜了一下，发现了这篇文章： Java