Using encryption that would need Java Policy Files in openjre

问题

if i want to use java and encryption with keys longer than 128bit i have to use the Java Policy Files. How to get those applications up and running with openjre? I get the same error i get using oracle jre without policy files, but i can't simply use the Oracle Policy Files? or can i?

Or would building the project with openjdk help?

Thank You

回答1:

I found the following. It seems to solve all the policy problems i ever had.

  try {
    Field field = Class.forName("javax.crypto.JceSecurity").getDeclaredField("isRestricted");
    field.setAccessible(true);
    field.set(null, java.lang.Boolean.FALSE);
  } catch (Exception ex) {

  }

It's not nice but working!

回答2:

The other answer is on the right lines but incomplete. After much screwing around, I hit on the following code which works for me. Don't worry about the legal aspects, Oracle actually has permission to get rid of this stupid export controls nonsense since 2011 but simply hasn't got around to updating the JVM yet! (check their bug tracker if you don't believe me).

Hope this helps. It works on Java 8. That part of the code is unlikely to change much, but obviously, we're fiddling with internal private code here so it could break at any time with any Java update. Caveat emptor.

Field gate = Class.forName("javax.crypto.JceSecurity").getDeclaredField("isRestricted");
gate.setAccessible(true);
gate.setBoolean(null, false);
Field allPerm = Class.forName("javax.crypto.CryptoAllPermission").getDeclaredField("INSTANCE");
allPerm.setAccessible(true);
Object accessAllAreasCard = allPerm.get(null);
final Constructor<?> constructor = Class.forName("javax.crypto.CryptoPermissions").getDeclaredConstructor();
constructor.setAccessible(true);
Object coll = constructor.newInstance();
Method addPerm = Class.forName("javax.crypto.CryptoPermissions").getDeclaredMethod("add", java.security.Permission.class);
addPerm.setAccessible(true);
addPerm.invoke(coll, accessAllAreasCard);
Field defaultPolicy = Class.forName("javax.crypto.JceSecurity").getDeclaredField("defaultPolicy");
defaultPolicy.setAccessible(true);
defaultPolicy.set(null, coll);

来源：https://stackoverflow.com/questions/14156522/using-encryption-that-would-need-java-policy-files-in-openjre