Java 9 - Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files

Jeroen Cranendonk j.p.cranendonk at gmail.com
Wed Oct 5 08:06:33 UTC 2016


Hi!

The bane of my existance for the last decade or so has been dealing
with errors because the Java Unlimited Strength Jurisdiction Policy
Files have not been installed, and finding ways of getting them
installed.

I was wondering what the state of this is for Java 9?

I can't find any Java 9 policy files for the current ea builds of Java 9.
But I also can't find any mention of them no longer being required.
Worryingly, the old test for whether they're installled, based on AES
max cipher length, still gives me 128 (code pasted after this mail),
which suggests they are still needed.

It seems that the requirement for having unlimited strength
jurisdiction policy files has been dropped a long long time ago, but
noone ever got around to actually implementing the change:
https://bugs.openjdk.java.net/browse/JDK-7024850

I was hoping with Java 9 this would finalyl be solved :)

Test:
import javax.crypto.Cipher;
class Test {
  public static void main(String[] args) {
    try {
      System.out.println("Hello World!");
      int maxKeyLen = Cipher.getMaxAllowedKeyLength("AES");
      System.out.println(maxKeyLen);
    } catch (Exception e){
      System.out.println("Sad world :(");
    }
  }
}


More information about the security-dev mailing list