8061842: Package jurisdiction policy files as something other than JAR

Reviewed-by: xuelei, weijun, mullan
2016-08-26 13:44:20 -07:00 · 2016-08-26 13:44:20 -07:00 · 9cda798a33
commit 9cda798a33
parent f894a28859
16 changed files with 374 additions and 225 deletions
--- a/jdk/make/gendata/Gendata-java.base.gmk
+++ b/jdk/make/gendata/Gendata-java.base.gmk
@ -34,7 +34,7 @@ include GendataTZDB.gmk
 include GendataBlacklistedCerts.gmk
-include GendataPolicyJars.gmk
+include GendataCryptoPolicy.gmk
 ################################################################################
@ -64,13 +64,19 @@ TARGETS += $(GENDATA_CURDATA)
 GENDATA_JAVA_SECURITY_SRC := $(JDK_TOPDIR)/src/java.base/share/conf/security/java.security
 GENDATA_JAVA_SECURITY := $(SUPPORT_OUTPUTDIR)/modules_conf/java.base/security/java.security
 ifeq ($(UNLIMITED_CRYPTO), true)
    CRYPTO.POLICY := unlimited
 else
    CRYPTO.POLICY := limited
 endif
 # RESTRICTED_PKGS_SRC is optionally set in custom extension for this makefile
 $(GENDATA_JAVA_SECURITY): $(BUILD_TOOLS) $(GENDATA_JAVA_SECURITY_SRC) $(RESTRICTED_PKGS_SRC)
 	$(call LogInfo, Generating java.security)
 	$(call MakeDir, $(@D))
 	$(TOOL_MAKEJAVASECURITY) $(GENDATA_JAVA_SECURITY_SRC) $@ $(OPENJDK_TARGET_OS) \
-	    $(OPENJDK_TARGET_CPU_ARCH) $(RESTRICTED_PKGS_SRC)
+	    $(OPENJDK_TARGET_CPU_ARCH) $(CRYPTO.POLICY) $(RESTRICTED_PKGS_SRC)
 TARGETS += $(GENDATA_JAVA_SECURITY)
--- a/jdk/make/gendata/GendataCryptoPolicy.gmk
+++ b/jdk/make/gendata/GendataCryptoPolicy.gmk
@ -0,0 +1,72 @@
 #
 # Copyright (c) 2013, 2016, Oracle and/or its affiliates. All rights reserved.
 # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 #
 # This code is free software; you can redistribute it and/or modify it
 # under the terms of the GNU General Public License version 2 only, as
 # published by the Free Software Foundation.  Oracle designates this
 # particular file as subject to the "Classpath" exception as provided
 # by Oracle in the LICENSE file that accompanied this code.
 #
 # This code is distributed in the hope that it will be useful, but WITHOUT
 # ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 # FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 # version 2 for more details (a copy is included in the LICENSE file that
 # accompanied this code).
 #
 # You should have received a copy of the GNU General Public License version
 # 2 along with this work; if not, write to the Free Software Foundation,
 # Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 #
 # Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 # or visit www.oracle.com if you need additional information or have any
 # questions.
 #
 #
 # In pre-JDK9 releases, Oracle JDK has had a separately downloadable set
 # of policy files which has been a nightmare for deployment.
 #
 # We now create 2 complete initial sets of policy files and package into 
 # 2 different directories.  The crypto.policy Security property will select
 # the active policy.
 #
 # It will be up to the user/deployer to make an informed choice
 # as to whether they are legally entitled to use the unlimited policy
 # file in their environment.  The $(UNLIMITED_CRYPTO) make variable
 # determines the default directory/policy.
 #
 default: all
 include $(SPEC)
 include MakeBase.gmk
 ################################################################################
 POLICY_DIR := $(SUPPORT_OUTPUTDIR)/modules_conf/java.base/security/policy
 LIMITED_POLICY_DIR := $(POLICY_DIR)/limited
 UNLIMITED_POLICY_DIR := $(POLICY_DIR)/unlimited
 POLICY_SRC_DIR := $(JDK_TOPDIR)/src/java.base/share/conf/security/policy
 LIMITED_POLICY_SRC_DIR := $(POLICY_SRC_DIR)/limited
 UNLIMITED_POLICY_SRC_DIR := $(POLICY_SRC_DIR)/unlimited
 $(POLICY_DIR)/README.txt: $(POLICY_SRC_DIR)/README.txt
 	$(install-file)
 $(LIMITED_POLICY_DIR)/%: $(LIMITED_POLICY_SRC_DIR)/%
 	$(install-file)
 $(UNLIMITED_POLICY_DIR)/%: $(UNLIMITED_POLICY_SRC_DIR)/%
 	$(install-file)
 TARGETS += \
    $(POLICY_DIR)/README.txt \
    $(LIMITED_POLICY_DIR)/default_US_export.policy \
    $(LIMITED_POLICY_DIR)/default_local.policy \
    $(LIMITED_POLICY_DIR)/exempt_local.policy \
    $(UNLIMITED_POLICY_DIR)/default_US_export.policy \
    $(UNLIMITED_POLICY_DIR)/default_local.policy \
 ################################################################################
--- a/jdk/make/gendata/GendataPolicyJars.gmk
+++ b/jdk/make/gendata/GendataPolicyJars.gmk
@ -1,150 +0,0 @@
 #
 # Copyright (c) 2013, 2016, Oracle and/or its affiliates. All rights reserved.
 # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 #
 # This code is free software; you can redistribute it and/or modify it
 # under the terms of the GNU General Public License version 2 only, as
 # published by the Free Software Foundation.  Oracle designates this
 # particular file as subject to the "Classpath" exception as provided
 # by Oracle in the LICENSE file that accompanied this code.
 #
 # This code is distributed in the hope that it will be useful, but WITHOUT
 # ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 # FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 # version 2 for more details (a copy is included in the LICENSE file that
 # accompanied this code).
 #
 # You should have received a copy of the GNU General Public License version
 # 2 along with this work; if not, write to the Free Software Foundation,
 # Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 #
 # Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 # or visit www.oracle.com if you need additional information or have any
 # questions.
 #
 default: all
 include $(SPEC)
 include MakeBase.gmk
 include JarArchive.gmk
 ################################################################################
 US_EXPORT_POLICY_JAR_DST := \
    $(SUPPORT_OUTPUTDIR)/modules_libs/java.base/security/US_export_policy.jar
 US_EXPORT_POLICY_JAR_LIMITED := \
    $(SUPPORT_OUTPUTDIR)/jce/policy/limited/US_export_policy.jar
 US_EXPORT_POLICY_JAR_UNLIMITED := \
    $(SUPPORT_OUTPUTDIR)/jce/policy/unlimited/US_export_policy.jar
 #
 # TODO fix so that SetupJarArchive does not write files into SRCS
 # then we don't need this extra copying
 #
 # NOTE: We currently do not place restrictions on our limited export
 # policy. This was not a typo. This means we are shipping the same file
 # for both limited and unlimited US_export_policy.jar.  Only the local
 # policy file currently has restrictions.
 #
 US_EXPORT_POLICY_JAR_SRC_DIR := \
    $(JDK_TOPDIR)/make/data/cryptopolicy/unlimited
 US_EXPORT_POLICY_JAR_TMP := \
    $(SUPPORT_OUTPUTDIR)/jce/policy/unlimited/US_export_policy_jar.tmp
 $(US_EXPORT_POLICY_JAR_TMP)/%: $(US_EXPORT_POLICY_JAR_SRC_DIR)/%
 	$(install-file)
 US_EXPORT_POLICY_JAR_DEPS := \
    $(US_EXPORT_POLICY_JAR_TMP)/default_US_export.policy
 $(eval $(call SetupJarArchive, BUILD_US_EXPORT_POLICY_JAR, \
    DEPENDENCIES := $(US_EXPORT_POLICY_JAR_DEPS), \
    SRCS := $(US_EXPORT_POLICY_JAR_TMP), \
    SUFFIXES := .policy, \
    JAR := $(US_EXPORT_POLICY_JAR_UNLIMITED), \
    EXTRA_MANIFEST_ATTR := Crypto-Strength: unlimited, \
    SKIP_METAINF := true, \
 ))
 $(US_EXPORT_POLICY_JAR_LIMITED): \
    $(US_EXPORT_POLICY_JAR_UNLIMITED)
 	$(call LogInfo, Copying unlimited $(patsubst $(OUTPUT_ROOT)/%,%,$@))
 	$(install-file)
 TARGETS += $(US_EXPORT_POLICY_JAR_LIMITED) $(US_EXPORT_POLICY_JAR_UNLIMITED)
 ifeq ($(UNLIMITED_CRYPTO), true)
  $(US_EXPORT_POLICY_JAR_DST): $(US_EXPORT_POLICY_JAR_UNLIMITED)
 	$(install-file)
 else
  $(US_EXPORT_POLICY_JAR_DST): $(US_EXPORT_POLICY_JAR_LIMITED)
 	$(install-file)
 endif
 POLICY_JARS += $(US_EXPORT_POLICY_JAR_DST)
 ################################################################################
 LOCAL_POLICY_JAR_DST := \
    $(SUPPORT_OUTPUTDIR)/modules_libs/java.base/security/local_policy.jar
 LOCAL_POLICY_JAR_LIMITED := \
    $(SUPPORT_OUTPUTDIR)/jce/policy/limited/local_policy.jar
 LOCAL_POLICY_JAR_UNLIMITED := \
    $(SUPPORT_OUTPUTDIR)/jce/policy/unlimited/local_policy.jar
 #
 # TODO fix so that SetupJarArchive does not write files into SRCS
 # then we don't need this extra copying
 #
 LOCAL_POLICY_JAR_LIMITED_TMP := \
    $(SUPPORT_OUTPUTDIR)/jce/policy/limited/local_policy_jar.tmp
 LOCAL_POLICY_JAR_UNLIMITED_TMP := \
    $(SUPPORT_OUTPUTDIR)/jce/policy/unlimited/local_policy_jar.tmp
 $(LOCAL_POLICY_JAR_LIMITED_TMP)/%: \
    $(JDK_TOPDIR)/make/data/cryptopolicy/limited/%
 	$(install-file)
 $(LOCAL_POLICY_JAR_UNLIMITED_TMP)/%: \
    $(JDK_TOPDIR)/make/data/cryptopolicy/unlimited/%
 	$(install-file)
 $(eval $(call SetupJarArchive, BUILD_LOCAL_POLICY_JAR_LIMITED, \
    DEPENDENCIES := $(LOCAL_POLICY_JAR_LIMITED_TMP)/exempt_local.policy \
        $(LOCAL_POLICY_JAR_LIMITED_TMP)/default_local.policy, \
    SRCS := $(LOCAL_POLICY_JAR_LIMITED_TMP), \
    SUFFIXES := .policy, \
    JAR := $(LOCAL_POLICY_JAR_LIMITED), \
    EXTRA_MANIFEST_ATTR := Crypto-Strength: limited, \
    SKIP_METAINF := true, \
 ))
 $(eval $(call SetupJarArchive, BUILD_LOCAL_POLICY_JAR_UNLIMITED, \
    DEPENDENCIES := $(LOCAL_POLICY_JAR_UNLIMITED_TMP)/default_local.policy, \
    SRCS := $(LOCAL_POLICY_JAR_UNLIMITED_TMP), \
    SUFFIXES := .policy, \
    JAR := $(LOCAL_POLICY_JAR_UNLIMITED), \
    EXTRA_MANIFEST_ATTR := Crypto-Strength: unlimited, \
    SKIP_METAINF := true, \
 ))
 TARGETS += $(LOCAL_POLICY_JAR_LIMITED) $(LOCAL_POLICY_JAR_UNLIMITED)
 ifeq ($(UNLIMITED_CRYPTO), true)
  $(LOCAL_POLICY_JAR_DST): $(LOCAL_POLICY_JAR_UNLIMITED)
 	$(install-file)
 else
  $(LOCAL_POLICY_JAR_DST): $(LOCAL_POLICY_JAR_LIMITED)
 	$(install-file)
 endif
 POLICY_JARS += $(LOCAL_POLICY_JAR_DST)
 TARGETS += $(POLICY_JARS)
 ################################################################################
 $(eval $(call IncludeCustomExtension, jdk, gendata/GendataPolicyJars.gmk))
--- a/jdk/make/src/classes/build/tools/makejavasecurity/MakeJavaSecurity.java
+++ b/jdk/make/src/classes/build/tools/makejavasecurity/MakeJavaSecurity.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2013, 2014, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2013, 2016, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -35,7 +35,8 @@ import java.util.*;
 *
 * 1. Adds additional packages to the package.access and
 *    package.definition security properties.
- * 2. Filter out platform-unrelated parts
+ * 2. Filter out platform-unrelated parts.
 * 3. Set the JCE jurisdiction policy directory.
 *
 * In order to easily maintain platform-related entries, every item
 * (including the last line) in package.access and package.definition
@ -50,12 +51,13 @@ public class MakeJavaSecurity {
    public static void main(String[] args) throws Exception {
-        if (args.length < 4) {
+        if (args.length < 5) {
            System.err.println("Usage: java MakeJavaSecurity " +
                               "[input java.security file name] " +
                               "[output java.security file name] " +
                               "[openjdk target os] " +
                               "[openjdk target cpu architecture]" +
                               "[JCE jurisdiction policy directory]" +
                               "[more restricted packages file name?]");
                    System.exit(1);
@ -63,8 +65,8 @@ public class MakeJavaSecurity {
        // more restricted packages
        List<String> extraLines;
-        if (args.length == 5) {
+        if (args.length == 6) {
-            extraLines = Files.readAllLines(Paths.get(args[4]));
+            extraLines = Files.readAllLines(Paths.get(args[5]));
        } else {
            extraLines = Collections.emptyList();
        }
@ -135,6 +137,16 @@ public class MakeJavaSecurity {
            }
        }
        // Set the JCE policy value
        for (int i = 0; i < lines.size(); i++) {
            String line = lines.get(i);
            int index = line.indexOf("crypto.policydir-tbd");
            if (index >= 0) {
                String prefix = line.substring(0, index);
                lines.set(i, prefix + args[4]);
            }
        }
        // Clean up the last line of PKG_ACC and PKG_DEF blocks.
        // Not really necessary since a blank line follows.
        boolean inBlock = false;
--- a/jdk/src/java.base/share/classes/javax/crypto/JceSecurity.java
+++ b/jdk/src/java.base/share/classes/javax/crypto/JceSecurity.java
@ -29,6 +29,7 @@ import java.util.*;
 import java.util.jar.*;
 import java.io.*;
 import java.net.URL;
 import java.nio.file.*;
 import java.security.*;
 import java.security.Provider.Service;
@ -206,7 +207,7 @@ final class JceSecurity {
    static {
        try {
-            NULL_URL = new URL("http://null.sun.com/");
+            NULL_URL = new URL("http://null.oracle.com/");
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
@ -243,83 +244,94 @@ final class JceSecurity {
        }
    }
    // This is called from within an doPrivileged block.
    private static void setupJurisdictionPolicies() throws Exception {
        String javaHomeDir = System.getProperty("java.home");
        String sep = File.separator;
        String pathToPolicyJar = javaHomeDir + sep + "lib" + sep +
            "security" + sep;
-        File exportJar = new File(pathToPolicyJar, "US_export_policy.jar");
+        // Sanity check the crypto.policy Security property.  Single
-        File importJar = new File(pathToPolicyJar, "local_policy.jar");
+        // directory entry, no pseudo-directories (".", "..", leading/trailing
        // path separators). normalize()/getParent() will help later.
        String cryptoPolicyProperty = Security.getProperty("crypto.policy");
        Path cpPath = Paths.get(cryptoPolicyProperty);
-        if (!exportJar.exists() || !importJar.exists()) {
+        if ((cryptoPolicyProperty == null) ||
-            throw new SecurityException
+                (cpPath.getNameCount() != 1) ||
-                                ("Cannot locate policy or framework files!");
+                (cpPath.compareTo(cpPath.getFileName()) != 0)) {
            throw new SecurityException(
                "Invalid policy directory name format: " +
                cryptoPolicyProperty);
        }
-        // Read jurisdiction policies.
+        // Prepend java.home to get the full path.  normalize() in
-        CryptoPermissions defaultExport = new CryptoPermissions();
+        // case an extra "." or ".." snuck in somehow.
-        CryptoPermissions exemptExport = new CryptoPermissions();
+        String javaHomeProperty = System.getProperty("java.home");
-        loadPolicies(exportJar, defaultExport, exemptExport);
+        Path javaHomePolicyPath = Paths.get(javaHomeProperty, "conf",
                "security", "policy").normalize();
        Path cryptoPolicyPath = Paths.get(javaHomeProperty, "conf", "security",
                "policy", cryptoPolicyProperty).normalize();
-        CryptoPermissions defaultImport = new CryptoPermissions();
+        if (cryptoPolicyPath.getParent().compareTo(javaHomePolicyPath) != 0) {
-        CryptoPermissions exemptImport = new CryptoPermissions();
+            throw new SecurityException(
-        loadPolicies(importJar, defaultImport, exemptImport);
+                "Invalid cryptographic jurisdiction policy directory path: " +
-
+                cryptoPolicyProperty);
        // Merge the export and import policies for default applications.
        if (defaultExport.isEmpty() || defaultImport.isEmpty()) {
            throw new SecurityException("Missing mandatory jurisdiction " +
                                        "policy files");
        }
        defaultPolicy = defaultExport.getMinimum(defaultImport);
-        // Merge the export and import policies for exempt applications.
+        if (!Files.isDirectory(cryptoPolicyPath)
-        if (exemptExport.isEmpty())  {
+                || !Files.isReadable(cryptoPolicyPath)) {
-            exemptPolicy = exemptImport.isEmpty() ? null : exemptImport;
+            throw new SecurityException(
                "Can't read cryptographic policy directory: " +
                cryptoPolicyProperty);
        }
        try (DirectoryStream<Path> stream = Files.newDirectoryStream(
                cryptoPolicyPath, "{default,exempt}_*.policy")) {
            for (Path entry : stream) {
                try (InputStream is = new BufferedInputStream(
                        Files.newInputStream(entry))) {
                    String filename = entry.getFileName().toString();
                    CryptoPermissions tmpPerms = new CryptoPermissions();
                    tmpPerms.load(is);
                    if (filename.startsWith("default_")) {
                        // Did we find a default perms?
                        defaultPolicy = ((defaultPolicy == null) ? tmpPerms :
                                defaultPolicy.getMinimum(tmpPerms));
                    } else if (filename.startsWith("exempt_")) {
                        // Did we find a exempt perms?
                        exemptPolicy = ((exemptPolicy == null) ? tmpPerms :
                                exemptPolicy.getMinimum(tmpPerms));
                    } else {
-            exemptPolicy = exemptExport.getMinimum(exemptImport);
+                        // This should never happen.  newDirectoryStream
                        // should only throw return "{default,exempt}_*.policy"
                        throw new SecurityException(
                            "Unexpected jurisdiction policy files in : " +
                            cryptoPolicyProperty);
                    }
                } catch (Exception e) {
                    throw new SecurityException(
                        "Couldn't parse jurisdiction policy files in: " +
                        cryptoPolicyProperty);
                }
            }
        } catch (DirectoryIteratorException ex) {
            // I/O error encountered during the iteration,
            // the cause is an IOException
            throw new SecurityException(
                "Couldn't iterate through the jurisdiction policy files: " +
                cryptoPolicyProperty);
        }
-    /**
+        // Must have a default policy
-     * Load the policies from the specified file. Also checks that the
+        if ((defaultPolicy == null) || defaultPolicy.isEmpty()) {
-     * policies are correctly signed.
+            throw new SecurityException(
-     */
+                "Missing mandatory jurisdiction policy files: " +
-    private static void loadPolicies(File jarPathName,
+                cryptoPolicyProperty);
                                     CryptoPermissions defaultPolicy,
                                     CryptoPermissions exemptPolicy)
        throws Exception {
        JarFile jf = new JarFile(jarPathName);
        Enumeration<JarEntry> entries = jf.entries();
        while (entries.hasMoreElements()) {
            JarEntry je = entries.nextElement();
            InputStream is = null;
            try {
                if (je.getName().startsWith("default_")) {
                    is = jf.getInputStream(je);
                    defaultPolicy.load(is);
                } else if (je.getName().startsWith("exempt_")) {
                    is = jf.getInputStream(je);
                    exemptPolicy.load(is);
                } else {
                    continue;
                }
            } finally {
                if (is != null) {
                    is.close();
                }
        }
-            // Enforce the signer restraint, i.e. signer of JCE framework
+        // If there was an empty exempt policy file, ignore it.
-            // jar should also be the signer of the two jurisdiction policy
+        if ((exemptPolicy != null) && exemptPolicy.isEmpty()) {
-            // jar files.
+            exemptPolicy = null;
            ProviderVerifier.verifyPolicySigned(je.getCertificates());
        }
        // Close and nullify the JarFile reference to help GC.
        jf.close();
        jf = null;
    }
    static CryptoPermissions getDefaultPolicy() {
--- a/jdk/src/java.base/share/conf/security/java.security
+++ b/jdk/src/java.base/share/conf/security/java.security
@ -804,6 +804,56 @@ jdk.tls.legacyAlgorithms= \
 #       EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE65381 \
 #       FFFFFFFF FFFFFFFF, 2}
 # Cryptographic Jurisdiction Policy defaults
 # 
 # Due to the import control restrictions of some countries, the default
 # JCE policy files allow for strong but "limited" cryptographic key
 # lengths to be used.  If your country's cryptographic regulations allow,
 # the "unlimited" strength policy files can be used instead, which contain
 # no restrictions on cryptographic strengths.
 # 
 # If your country has restrictions that don't fit either "limited" or
 # "unlimited", an appropriate set of policy files should be created and
 # configured before using this distribution.  The jurisdiction policy file
 # configuration must reflect the cryptographic restrictions appropriate
 # for your country.
 # 
 # YOU ARE ADVISED TO CONSULT YOUR EXPORT/IMPORT CONTROL COUNSEL OR ATTORNEY
 # TO DETERMINE THE EXACT REQUIREMENTS.
 # 
 # The policy files are flat text files organized into subdirectories of
 # <java-home>/conf/security/policy.  Each directory contains a complete
 # set of policy files.
 #
 # The "crypto.policy" Security property controls the directory selection,
 # and thus the effective cryptographic policy.
 # 
 # The default set of directories is:  
 # 
 #     limited | unlimited 
 # 
 # however other directories can be created and configured.
 # 
 # Within a directory, the effective policy is the combined minimum
 # permissions of the grant statements in the file(s) with the filename
 # pattern "default_*.policy".  At least one grant is required.  For
 # example:
 #
 #     limited   =  Export (all) + Import (limited)  =  Limited
 #     unlimited =  Export (all) + Import (all)      =  Unlimited
 #
 # The effective exemption policy is the combined minimum permissions
 # of the grant statements in the file(s) with the filename pattern
 # "exempt_*.policy".  Exemption grants are optional.
 #
 #     limited   =  grants exemption permissions, by which the
 #                  effective policy can be circumvented. 
 #                  e.g.  KeyRecovery/Escrow/Weakening.
 # 
 # Please see the JCA documentation for additional information on these
 # files and formats.
 crypto.policy=crypto.policydir-tbd
 #
 # The policy for the XML Signature secure validation mode. The mode is
 # enabled by setting the property "org.jcp.xml.dsig.secureValidation" to
--- a/jdk/src/java.base/share/conf/security/policy/README.txt
+++ b/jdk/src/java.base/share/conf/security/policy/README.txt
@ -0,0 +1,35 @@
            Java(TM) Cryptography Extension Policy Files
    for the Java(TM) Platform, Standard Edition Runtime Environment
                               README
 ------------------------------------------------------------------------
 The JCE architecture allows flexible cryptographic strength to be
 configured via the jurisdiction policy files contained within these
 directories.
 Due to import control restrictions of some countries, the default
 JCE policy files bundled in this Java Runtime Environment allow
 for strong but "limited" cryptographic strengths.  For convenience,
 this build also contains the "unlimited strength" policy files which
 contain no restrictions on cryptographic strengths, but they must be
 specifically activated by updating the "crypto.policy" Security property
 (e.g. <java-home>/conf/security/java.security) to point to the appropriate
 directory.
 Each subdirectory contains a complete policy configuration, and additional
 subdirectories can be added/removed to reflect local regulations.
 JCE for Java SE has been through the U.S. export review process.  The JCE
 framework, along with the various JCE providers that come standard with it
 (SunJCE, SunEC, SunPKCS11, SunMSCAPI, etc), is exportable from the
 United States.
 You are advised to consult your export/import control counsel or attorney
 to determine the exact requirements of your location, and what policy
 settings should be used.
 Please see The Java(TM) Cryptography Architecture (JCA) Reference
 Guide and the java.security file for more information.
--- a/jdk/src/java.base/share/conf/security/policy/limited/default_US_export.policy
+++ b/jdk/src/java.base/share/conf/security/policy/limited/default_US_export.policy
@ -1,4 +1,5 @@
-// Manufacturing policy file.
+// Default US Export policy file.
 grant {
    // There is no restriction to any algorithms.
    permission javax.crypto.CryptoAllPermission; 
--- a/jdk/src/java.base/share/conf/security/policy/limited/default_local.policy
+++ b/jdk/src/java.base/share/conf/security/policy/limited/default_local.policy
--- a/jdk/src/java.base/share/conf/security/policy/limited/exempt_local.policy
+++ b/jdk/src/java.base/share/conf/security/policy/limited/exempt_local.policy
@ -1,5 +1,5 @@
-// Some countries have import limits on crypto strength. So this file
+// Some countries have import limits on crypto strength, but may allow for
-// will be useful.
+// these exemptions if the exemption mechanism is used.
 grant {
    // There is no restriction to any algorithms if KeyRecovery is enforced.
--- a/jdk/src/java.base/share/conf/security/policy/unlimited/default_US_export.policy
+++ b/jdk/src/java.base/share/conf/security/policy/unlimited/default_US_export.policy
@ -0,0 +1,6 @@
 // Default US Export policy file.
 grant {
    // There is no restriction to any algorithms.
    permission javax.crypto.CryptoAllPermission; 
 };
--- a/jdk/src/java.base/share/conf/security/policy/unlimited/default_local.policy
+++ b/jdk/src/java.base/share/conf/security/policy/unlimited/default_local.policy
@ -1,4 +1,5 @@
 // Country-specific policy file for countries with no limits on crypto strength.
 grant {
    // There is no restriction to any algorithms.
    permission javax.crypto.CryptoAllPermission; 
--- a/jdk/test/javax/crypto/CryptoPermissions/TestUnlimited.java
+++ b/jdk/test/javax/crypto/CryptoPermissions/TestUnlimited.java
@ -0,0 +1,96 @@
 /*
 * Copyright (c) 2016, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License version 2 only, as
 * published by the Free Software Foundation.  Oracle designates this
 * particular file as subject to the "Classpath" exception as provided
 * by Oracle in the LICENSE file that accompanied this code.
 *
 * This code is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * version 2 for more details (a copy is included in the LICENSE file that
 * accompanied this code).
 *
 * You should have received a copy of the GNU General Public License version
 * 2 along with this work; if not, write to the Free Software Foundation,
 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 * or visit www.oracle.com if you need additional information or have any
 * questions.
 */
 /**
 * @test
 * @bug 8061842
 * @summary Package jurisdiction policy files as something other than JAR
 * @run main/othervm TestUnlimited "" exception
 * @run main/othervm TestUnlimited limited fail
 * @run main/othervm TestUnlimited unlimited pass
 * @run main/othervm TestUnlimited unlimited/ pass
 * @run main/othervm TestUnlimited NosuchDir exception
 * @run main/othervm TestUnlimited . exception
 * @run main/othervm TestUnlimited /tmp/unlimited exception
 * @run main/othervm TestUnlimited ../policy/unlimited exception
 * @run main/othervm TestUnlimited ./unlimited exception
 * @run main/othervm TestUnlimited /unlimited exception
 */
 import javax.crypto.*;
 import java.security.Security;
 public class TestUnlimited {
    public static void main(String[] args) throws Exception {
        /*
         * Override the Security property to allow for unlimited policy.
         * Would need appropriate permissions if Security Manager were
         * active.
         */
        if (args.length != 2) {
            throw new Exception("Two args required");
        }
        boolean expected = args[1].equals("pass");
        boolean exception = args[1].equals("exception");
        boolean result = false;
        System.out.println("Testing: " + args[0]);
        if (args[0].equals("\"\"")) {
            Security.setProperty("crypto.policy", "");
        } else {
            Security.setProperty("crypto.policy", args[0]);
        }
        /*
         * Use the AES as the test Cipher
         * If there is an error initializing, we will never get past here.
         */
        try {
            int maxKeyLen = Cipher.getMaxAllowedKeyLength("AES");
            System.out.println("max AES key len:" + maxKeyLen);
            if (maxKeyLen > 128) {
                System.out.println("Unlimited policy is active");
                result = true;
            } else {
                System.out.println("Unlimited policy is NOT active");
                result = false;
            }
        } catch (Throwable e) {
            if (!exception) {
                throw new Exception();
            }
        }
        System.out.println(
                "Expected:\t" + expected + "\nResult:\t\t" + result);
        if (expected != result) {
            throw new Exception();
        }
        System.out.println("DONE!");
    }
 }
--- a/jdk/test/jdk/security/JavaDotSecurity/final_java_security
+++ b/jdk/test/jdk/security/JavaDotSecurity/final_java_security
@ -10,6 +10,7 @@ foo.5=8
 foo.6=9a
 foo.7=10
 foo.8=12
 crypto.policy=somepolicy
 package.access=sun.,\
               solaris.,\
--- a/jdk/test/jdk/security/JavaDotSecurity/ifdefs.sh
+++ b/jdk/test/jdk/security/JavaDotSecurity/ifdefs.sh
@ -46,7 +46,13 @@ if [ ! -f $TOOLSRC ]; then
 fi
 $JAVAC -d . $TOOLSRC
-$JAVA $TOOLNAME $TESTSRC/raw_java_security outfile solaris sparc $TESTSRC/more_restricted
+$JAVA $TOOLNAME \
    $TESTSRC/raw_java_security \
    outfile \
    solaris \
    sparc \
    somepolicy \
    $TESTSRC/more_restricted
 # On Windows, line end could be different. -b is a cross-platform option.
 diff -b outfile $TESTSRC/final_java_security
--- a/jdk/test/jdk/security/JavaDotSecurity/raw_java_security
+++ b/jdk/test/jdk/security/JavaDotSecurity/raw_java_security
@ -44,6 +44,7 @@ foo.tbd=11
 #ifndef macosx-x64
 foo.tbd=12
 #endif
 crypto.policy=crypto.policydir-tbd
 package.access=sun.,\
 #ifdef solaris