Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
A quick test to see if you have the JCE Unlimited Strength Jurisdiction Policy files installed. If you don't, in Java 6 you'll see 128. If you do, you'll see 2147483647. Thanks to http://stackoverflow.com/questions/11538746/check-for-jce-unlimited-strength-jurisdiction-policy-files
#!/bin/bash
javac Test.java
java Test
import javax.crypto.Cipher;
class Test {
public static void main(String[] args) {
try {
System.out.println("Hello World!");
int maxKeyLen = Cipher.getMaxAllowedKeyLength("AES");
System.out.println(maxKeyLen);
} catch (Exception e){
System.out.println("Sad world :(");
}
}
}
@raphaelvannson

This comment has been minimized.

Copy link

@raphaelvannson raphaelvannson commented Dec 5, 2015

Very nice little util. Thanks dude.

@Giszmo

This comment has been minimized.

Copy link

@Giszmo Giszmo commented Jun 13, 2016

Your code assumes it would crash for merely asking for bullshit policies. Here it doesn't crash and I had to test for maxKeyLen < Integer.MAX_VALUE.

@yamnicz3k

This comment has been minimized.

Copy link

@yamnicz3k yamnicz3k commented Aug 30, 2016

Thanks dude. 👍

@kmark

This comment has been minimized.

Copy link

@kmark kmark commented Sep 22, 2016

From my understanding 2147483647 (Integer.MAX_VALUE) is not a "bullshit policy" but rather the result you get if you're using OpenJDK which has no limits. See: https://www.eyrie.org/~eagle/notes/debian/jce-policy.html

@spicysomtam

This comment has been minimized.

Copy link

@spicysomtam spicysomtam commented Mar 22, 2017

Very useful. Thanks for posting.

@pdehlke

This comment has been minimized.

Copy link

@pdehlke pdehlke commented Apr 28, 2017

As a one-liner: $JAVA_HOME/bin/jrunscript -e 'print (javax.crypto.Cipher.getMaxAllowedKeyLength("RC5") >= 256);'

@jasonmimick

This comment has been minimized.

Copy link

@jasonmimick jasonmimick commented Oct 26, 2017

one-liner - perfect, needed in bash script!

@TiloGit

This comment has been minimized.

Copy link

@TiloGit TiloGit commented Nov 7, 2017

thanks for the info. Here mod one liner for WAS (IBM) on Win
C:\IBM\WebSphere\AppServer\java\8.0\bin\jrunscript -e "print (javax.crypto.Cipher.getMaxAllowedKeyLength('AES'))"
C:\IBM\WebSphere\AppServer\java_1.7.1_64\bin\jrunscript -e "print (javax.crypto.Cipher.getMaxAllowedKeyLength('AES'))"

If you want true/false
jrunscript -e "print (javax.crypto.Cipher.getMaxAllowedKeyLength('AES') >= 256)"
jrunscript -e "print (javax.crypto.Cipher.getMaxAllowedKeyLength('RC5') >= 256)"

@kfowlks

This comment has been minimized.

Copy link

@kfowlks kfowlks commented Dec 6, 2017

Excellent work!

@daudich

This comment has been minimized.

Copy link

@daudich daudich commented Jun 26, 2018

Thanks for this and the one liners!

@Wonno

This comment has been minimized.

@jacky1104

This comment has been minimized.

Copy link

@jacky1104 jacky1104 commented Aug 1, 2018

Thanks dude.

@razorsedge

This comment has been minimized.

Copy link

@razorsedge razorsedge commented Aug 1, 2019

unzip -c ${JAVA_HOME}/jre/lib/security/local_policy.jar default_local.policy | grep -q javax.crypto.CryptoAllPermission && echo "unlimited JCE" || echo "vanilla JCE"

@scotlynhatt

This comment has been minimized.

Copy link

@scotlynhatt scotlynhatt commented Jan 7, 2020

In Eclipse:
image

@dickmuller

This comment has been minimized.

Copy link

@dickmuller dickmuller commented Feb 11, 2020

Great help, thanks for the post.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.