当前位置:theitroad>java 如何安装 Unlimited Strength Jurisdiction Policy Files?

java 如何安装 Unlimited Strength Jurisdiction Policy Files?

声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow 原文地址: http://stackoverflow.com/questions/41580489/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me): StackOverFlow

提示:将鼠标放在中文语句上可以显示对应的英文。显示中英文
时间:2020-11-03 05:58:22  来源:igfitidea点击:

How to install Unlimited Strength Jurisdiction Policy Files?

javamavenjar

提问by Marcin K?opotek

Can someone explain to me how to install Unlimited Strength Jurisdiction Policy Files. I downloaded .jar files from Oracle websitebut I'm having a problem with installing them. Java program that I'm making keeps giving me this error:

有人可以向我解释如何安装 Unlimited Strength Jurisdiction Policy Files。我从Oracle 网站下载了 .jar 文件,但在安装它们时遇到了问题。我正在制作的 Java 程序不断给我这个错误:

Jan 11, 2017 12:32:31 AM com.subgraph.orchid.TorClient start
INFO: Starting Orchid (version: 1.0.0)
Jan 11, 2017 12:32:31 AM com.subgraph.orchid.TorClient verifyUnlimitedStrengthPolicyInstalled
SEVERE: Unlimited Strength Jurisdiction Policy Files are required but not installed.
Exception in thread "main" com.subgraph.orchid.TorException: Unlimited Strength Jurisdiction Policy Files are required but not installed.
    at com.subgraph.orchid.TorClient.verifyUnlimitedStrengthPolicyInstalled(TorClient.java:208)
    at com.subgraph.orchid.TorClient.start(TorClient.java:79)
    at com.nikola.WebCrawlerApp.App$OrchidDemo.startOrchid(App.java:46)
    at com.nikola.WebCrawlerApp.App$OrchidDemo.access
if (Cipher.getMaxAllowedKeyLength("AES") < 256) {
  try {
    Field field = Class.forName("javax.crypto.JceSecurity").
    getDeclaredField("isRestricted");
    field.setAccessible(true);
    field.set(null, java.lang.Boolean.FALSE);
  } catch (Exception e) {
    fail("Could not override JCE cryptography strength policy setting");
    fail(e.getMessage());
  }
}

0(App.java:38)
    at com.nikola.WebCrawlerApp.App.main(App.java:35)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at com.intellij.rt.execution.application.AppMain.main(AppMain.java:147)

采纳答案by Andy

You need to determine your Java home path (either via System.getenv("JAVA_HOME")from Java or $ echo $JAVA_HOMEon the command line). It should be a path like the following:

您需要确定您的 Java 主路径(通过System.getenv("JAVA_HOME")Java 或$ echo $JAVA_HOME命令行)。它应该是如下所示的路径:

  • C:\Program Files\Java\jre8on Windows
  • /Library/Java/JavaVirtualMachines/jdk1.8.0_101.jdk/Contents/Homeon Mac OS X
  • /usr/java/jdk1.8.0_101/bin/javaon *nix
  • C:\Program Files\Java\jre8在 Windows 上
  • /Library/Java/JavaVirtualMachines/jdk1.8.0_101.jdk/Contents/Home在 Mac OS X 上
  • /usr/java/jdk1.8.0_101/bin/java在 *nix

You then need to copy the US_export_policy.jarand local_policy.jarfiles you downloaded into the directory: <JAVA_HOME>/jre/lib/securityand overwrite the existing files of the same name.

然后,您需要将下载的US_export_policy.jarlocal_policy.jar文件复制到目录中:<JAVA_HOME>/jre/lib/security并覆盖现有的同名文件。

Updated 05/17/17

17 年 5 月 17 日更新

The following code (for demonstration purposes only) will instruct the JVM that it is allowed to use AES-256 bit encryption and corresponding TLS ciphers regardless of the policy files installed. It is not recommendedto employ this method.

以下代码(仅用于演示目的)将指示 JVM 允许使用 AES-256 位加密和相应的 TLS 密码,而不管安装的策略文件如何。这是不建议采用这种方法。

if (Cipher.getMaxAllowedKeyLength("AES") < 256) {
 try {
 var field=Class.forName("javax.crypto.JceSecurity").getDeclaredField("isRestricted")
    field.setAccessible(true)
   var modifiersField = classOf[Field].getDeclaredField( "modifiers" )
   modifiersField.setAccessible(true);
   modifiersField.setInt(field, field.getModifiers() & ~Modifier.FINAL);
    field.set(null, java.lang.Boolean.FALSE)
  }

  catch{
    case ex:Exception=>throw ex
  }
}

回答by Marcin K?opotek

2018-01-15 Update

2018-01-15 更新

According to JDK-8170157, since JDK 6u181, 7u171, 8u161, 9b148unlimited cryptographic policy is enabled by default. So all you have to do is just upgrade to the corresponding baseline.

根据JDK-8170157,由于 JDK 6u181, 7u171, 8u161, 9b148默认启用无限制加密策略。所以你所要做的就是升级到相应的基线。

Original answer

原答案

Since Java 9and Java 8u151there's no need to download and manually install jurisdiction policy files anymore. According to release notes:

Java 9Java 8u151 开始,不再需要下载和手动安装管辖权策略文件。根据发行说明

In older releases, JCEjurisdiction files had to be downloaded and installed separately to allow unlimited cryptography to be used by the JDK. The download and install steps are no longer necessary. To enable unlimited cryptography, one can use the new crypto.policySecurity property. If that new Security property is set in the java.securityfile, or has been set dynamically by using the Security.setProperty()call before the JCEframework has been initialized, that setting will be honoured. By default, the property will be undefined. If the property is undefined and the legacy JCEjurisdiction files don't exist in the legacy lib/securitydirectory, then the default cryptographic level will remain at limited. To configure the JDKto use unlimited cryptography, set the crypto.policyto a value of unlimited. See the notes in the java.securityfile shipping with this release for more information.

在旧版本中,必须单独下载和安装JCE权限文件,以允许JDK使用无限制的加密。不再需要下载和安装步骤。要启用无限加密,可以使用新的crypto.policySecurity 属性。如果在java.security文件中设置了新的 Security 属性,或者Security.setProperty()JCE框架初始化之前使用调用动态设置了该属性,则将遵循该设置。默认情况下,该属性将是未定义的。如果该属性未定义并且遗留的JCE权限文件在遗留的lib/security 中不存在目录,那么默认的加密级别将保持有限。要将JDK配置为使用无限制加密,请将 的crypto.policy值设置为unlimited。有关更多信息,请参阅此版本随附的java.security文件中的注释。

回答by ejoftheweb

In $JAVA_HOME/jre/lib/security, edit the file java.security and uncomment the line crypto.policy=unlimited (it's about 823 lines down a 932-line file).

在 $JAVA_HOME/jre/lib/security 中,编辑文件 java.security 并取消对 crypto.policy=unlimited 行的注释(在 932 行的文件中大约有 823 行)。

回答by Moshe Edri

i had the same problem and none of the above answers worked for me so as i found the solution i decided to share it here to help others

我遇到了同样的问题,上述答案都不适合我,所以当我找到解决方案时,我决定在这里分享以帮助他人

what worked for me in the end was simply download the Unlimited Strength Jurisdiction Policy Files from oracle website

最后对我有用的只是从 oracle 网站下载 Unlimited Strength Jurisdiction Policy Files

unzip the folder and move the files inside the folder into $JAVA_HOME\jre\lib\security overwriting the files already in there with the same name

解压文件夹并将文件夹内的文件移动到 $JAVA_HOME\jre\lib\security 中覆盖已有的同名文件

replace JAVA_HOME with the actual jdk folder of your java installation

将 JAVA_HOME 替换为 java 安装的实际 jdk 文件夹

回答by Nizar Ahmed

To programmatically handle this, The following code in Scala will help you do it. The code given above will not work for java version 8. You will get an error. Error : Can not set static final boolean field javax.crypto.JceSecurity.isRestricted to java.lang.Boolean

要以编程方式处理此问题,Scala 中的以下代码将帮助您完成。上面给出的代码不适用于 Java 版本 8。您将收到错误消息。错误: 无法将静态最终布尔字段 javax.crypto.JceSecurity.isRestricted 设置为 java.lang.Boolean

private void hackJCE() throws Exception {
    try {
        if (Cipher.getMaxAllowedKeyLength("AES") < 256) {
            Field field = Class.forName("javax.crypto.SunJCE_b").
            getDeclaredField("g");
            field.setAccessible(true);
            field.set(null, false);
        }
    } catch (Exception e) {
        return;
    }
}

回答by Ramanqul Buzaubak

For JDK 1.6 you can do it the following way:

对于 JDK 1.6,您可以通过以下方式进行:

##代码##

相关推荐

Java 是否有“私有保护”访问修饰符?

Java 是否有“私有保护”访问修饰符?

java 从单行休眠中选择单列

java 从单行休眠中选择单列

Java - 如何解码 Base64 编码的证书

Java - 如何解码 Base64 编码的证书

java 在 RecyclerView 或 Grouping Recyclerview 项目中按组划分元素,例如按日期

java 在 RecyclerView 或 Grouping Recyclerview 项目中按组划分元素,例如按日期

相关推荐
最近更新
标签