If you would like to use a stronger PBE cipher than triple DES & SHA-1 for storing passwords in JMC, this is how to go about it:
- Download a crypto provider containing the cipher you want. For example the latest provider jar from Bouncy Castle (at the time of writing, this was bcprov-jdk15on-150.jar)
- Copy the jar to
JAVA_HOME/jre/lib/ext
- Edit your JAVA_HOME/jre/lib/security/java.security file to include the Bouncy Castle provider. Look for the security.provider entries and add a new entry:
security.provider.N=org.bouncycastle.jce.provider.BouncyCastleProvider
, where N is the number of the last entry plus one, for example:security.provider.11=org.bouncycastle.jce.provider.BouncyCastleProvider
- For access to the strongest ciphers, download the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files for your JDK version (this one for example), and unpack the two jar files into
JAVA_HOME/jre/lib/security/
.
Finally you need to select which cipher to use in the preferences (Window | Preferences, click Java Mission Control). Before adding bouncy castle, you should have had something like this:
After adding Bouncy you should see something like this:
Good luck!