【前言】Java加解密系列,根据实际开发进度,不定期更新
【下载】在Oracle网站上搜索, Unlimited Strength Jurisdiction Policy Files 这个关键字,然后按照所安装的JDK版本选择对应的授权文件,比如我的是JDK8,就选择了这个
【安装】
下载完这个zip包后,里面有两个jar包和一个readme.txt文件。
按照README.txt里的说明进行安装。注意区别开发环境用的JRE在JDK里面,运行环境的JRE是单独的环境。在我的Mac上,JRE是装在JDK里的,对应路径是
/Library/Java/JavaVirtualMachines/jdk1.8.0_102.jdk/Contents/Home/jre
进入到授权文件安装的目录下
/Library/Java/JavaVirtualMachines/jdk1.8.0_102.jdk/Contents/Home/jre/lib/security能够查看到默认是有local_policy.jar 和 US_export_policy.jar的,改个名字保存一下。
然后复制压缩包里的文件到/Library/Java/JavaVirtualMachines/jdk1.8.0_102.jdk/Contents/Home/jre/lib/security目录下,这样就安装完成了。
【验证】
可以用下面的程序验证一下
public static void securityVerify() throws Exception {
byte[] data = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 };
// create a 64 bit secret key from raw bytes
SecretKey key64 = new SecretKeySpec(
new byte[] { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 },
"Blowfish");
// create a cipher and attempt to encrypt the data block with our key
Cipher c = Cipher.getInstance("Blowfish/ECB/NoPadding");
c.init(Cipher.ENCRYPT_MODE, key64);
c.doFinal(data);
System.out.println("64 bit test: passed");
// create a 192 bit secret key from raw bytes
SecretKey key192 = new SecretKeySpec(
new byte[] { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17 },
"Blowfish");
// now try encrypting with the larger key
c.init(Cipher.ENCRYPT_MODE, key192);
c.doFinal(data);
System.out.println("192 bit test: passed");
System.out.println("Tests completed");
}
如果是默认配置,
返回类似
64 bit test: passed Exception in thread "main" java.lang.SecurityException: Unsupported keysize or algorithm parameters at javax.crypto.Cipher.init(...) at chapter1.SimplePolicyTest.main(SimplePolicyTest.java:38)
如果是替换后,返回
64 bit test: passed 192 bit test: passed Tests completed