JDK-8061842 <https://bugs.openjdk.java.net/browse/JDK-8061842> has added improvements in JDK 9 to simplify the management of crypto strength. See README.txt <http://hg.openjdk.java.net/jdk9/dev/jdk/file/f82971b324f6/src/java.base/share/conf/security/policy/README.txt> for details.
Adding, 'Security.setProperty(“crypto.policy”, “unlimited”);' or editing the java.security configuration file will enable unlimited strength. > On 5 Oct 2016, at 09:06, Jeroen Cranendonk <[email protected]> wrote: > > Hi! > > The bane of my existance for the last decade or so has been dealing > with errors because the Java Unlimited Strength Jurisdiction Policy > Files have not been installed, and finding ways of getting them > installed. > > I was wondering what the state of this is for Java 9? > > I can't find any Java 9 policy files for the current ea builds of Java 9. > But I also can't find any mention of them no longer being required. > Worryingly, the old test for whether they're installled, based on AES > max cipher length, still gives me 128 (code pasted after this mail), > which suggests they are still needed. > > It seems that the requirement for having unlimited strength > jurisdiction policy files has been dropped a long long time ago, but > noone ever got around to actually implementing the change: > https://bugs.openjdk.java.net/browse/JDK-7024850 > > I was hoping with Java 9 this would finalyl be solved :) > > Test: > import javax.crypto.Cipher; > class Test { > public static void main(String[] args) { > try { > System.out.println("Hello World!"); > int maxKeyLen = Cipher.getMaxAllowedKeyLength("AES"); > System.out.println(maxKeyLen); > } catch (Exception e){ > System.out.println("Sad world :("); > } > } > }
