2 20 JCE Unlimited Strength Policy Files

LANSA Integrator

2.20 JCE Unlimited Strength Policy Files

Due to import control restrictions of some countries, the JCE jurisdiction policy files shipped with the Java SDK allow "strong" but limited cryptography to be used.

An "unlimited strength" version of these files indicating no restrictions on cryptographic strengths is available for those living in eligible countries (which is most countries).

You can download and replace the strong cryptography versions supplied with the Java SDK with the unlimited ones.

You need to update the two JAR files 'local_policy.jar' and 'US_export_policy.jar' files in the JDK's lib/security directory.

IBM's unlimited strength jurisdiction policy files:

www-128.ibm.com/developerworks/java/jdk/security/50

IBM's SDKs ship with strong but limited jurisdiction policy files. Unlimited jurisdiction policy files can be obtained from the link above. The ZIP file should be unpacked and the two JAR files placed in the JRE's jre/lib/security/ directory. These policy files are for use with IBM developed SDKs. The same files are used for the Version 1.4 and Version 5 SDKs.

The ZIP file should be unpacked and the two JAR files placed in the /QIBM/ProdData/Java400/jdk15/lib/security/ directory.

Oracle's unlimited strength jurisdiction policy files:

www.oracle.com/technetwork/java/javase/downloads/index.html

If these policy files are not installed then services that use Bouncy Castle will throw the following exception:

java.io.IOException: exception unwrapping private key - java.security.InvalidKeyException: Illegal key size