Is it possible to bundle JCE policy files with java program

Question

I want AES with GCM mode with 256-bit key size. Currently, this causes:

Error java.security.InvalidKeyException: Illegal key size

Apparently, this is due to export restrictions on cryptography and I need to install Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files from Oracle. I think it's too much to ask the users of my app to modify their JRE just to run my app. Is it possible to bundle the cryptography extension policy files into my app?

Answer 1

I have found this question very similar to yours Using encryption that would need Java Policy Files in openjre

But the accepted answer does not work for me. Try this one

Field gate = Class.forName("javax.crypto.JceSecurity").getDeclaredField("isRestricted");
gate.setAccessible(true);
gate.setBoolean(null, false);
Field allPerm = Class.forName("javax.crypto.CryptoAllPermission").getDeclaredField("INSTANCE");
allPerm.setAccessible(true);
Object accessAllAreasCard = allPerm.get(null);
final Constructor<?> constructor = Class.forName("javax.crypto.CryptoPermissions").getDeclaredConstructor();
constructor.setAccessible(true);
Object coll = constructor.newInstance();
Method addPerm = Class.forName("javax.crypto.CryptoPermissions").getDeclaredMethod("add", java.security.Permission.class);
addPerm.setAccessible(true);
addPerm.invoke(coll, accessAllAreasCard);
Field defaultPolicy = Class.forName("javax.crypto.JceSecurity").getDeclaredField("defaultPolicy");
defaultPolicy.setAccessible(true);
defaultPolicy.set(null, coll);

Compatibility

• JRE 7: OK

• JRE 8 u101: OK

• JRE 8 u112: FAIL Can not set static final boolean field javax.crypto.JceSecurity.isRestricted to (boolean)false