Add sanity check that unlimited strength policy is installed (#183)

* Add sanity check that unlimited strength policy is installed
* Add HSM keys to ignore list
This commit is contained in:
Ross Nicoll 2017-12-13 11:21:22 +00:00 committed by GitHub
parent 4aa2a8ea18
commit e309095ad4
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 10 additions and 1 deletions

3
.gitignore vendored
View File

@ -110,3 +110,6 @@ TODO
/sgx-jvm/avian/
/sgx-jvm/linux-sgx/
/sgx-jvm/jvm-enclave/proguard.jar
# HSM keys
*.key

View File

@ -18,9 +18,15 @@ import com.r3.corda.networkmanage.hsm.signer.HsmNetworkMapSigner
import com.r3.corda.networkmanage.hsm.utils.mapCryptoServerException
import org.bouncycastle.jce.provider.BouncyCastleProvider
import java.security.Security
import javax.crypto.Cipher
fun main(args: Array<String>) {
// Grabbed from https://stackoverflow.com/questions/7953567/checking-if-unlimited-cryptography-is-available
if (Cipher.getMaxAllowedKeyLength("AES") < 256) {
System.err.println("Unlimited Strength Jurisdiction Policy Files must be installed, see http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html")
System.exit(1)
}
try {
run(parseParameters(*args))
} catch (e: ShowHelpException) {