Oracle® Security Developer Tools Reference
10g Release 2 (10.1.2)
The Java Cryptography Extension (JCE) from Sun Microsystems is an optional package to the Java 2 platform. It is a framework for implementing encryption, key generation and key agreement, and Message Authentication Code (MAC) algorithms.
This chapter contains these topics:
PBE with MD2/MD5/SHA1 and DES/RC2/Triple DES/RC4
KeyAgreement: Diffie-Hellman with two or more parties
PKCS5Padding and NoPadding support for:
PKCS1Padding and OAEPPadding for RSA
Support for standard key ranges
Support for X.509EncodedKeySpec and PKCS8EncodedKeySpec
Note:While the minimum acceptable strength is 512, Oracle JCE Provider supplies a default strength of 1024.
Standard default parameters for DSA (same as those provided by SunJCE)
Support for standard ASN1 encodings
Pseudo-random number generators, using proprietary algorithms based on the Bruce Schneier/Applied Cryptography design pattern
For more information about the Java Cryptography Extension and how to use the Oracle JCE Provider, please refer to the Sun JCE documentation at:
The Oracle Security Developer Tools are installed with Oracle Application Server in
ORACLE_HOME. This section explains how to set up your environment for Oracle JCE Provider. It contains these topics:
Oracle JCE Provider is compatible with Java Cryptography Extension (JCE) version 1.2.1. In order to use Oracle JCE Provider, you must install JCE 1.2.1 on your system.
The Java Cryptography Extension is available from Sun Microsystems at:
Add the following line to your
java.security file, which is usually located in
When installing the distribution files, the location of the Oracle JCE Provider
jar file depends on where the JCE 1.2.1 framework is installed:
If the JCE 1.2.1 framework is an "installed" extension
If the JCE 1.2.1 framework is an installed extension, the following files:
must appear in the standard location for
jar files of an installed extension:
$JAVA_HOME refers to the directory where the Java software is installed.
If the JCE 1.2.1 framework is located on the
If the JCE 1.2.1 framework is not installed as an extension but instead is located on the class path, and a security manager is installed, you need to grant permissions to the JCE 1.2.1 framework and JCE providers when you run applets or applications using JCE.
CLASSPATH environment variable must contain the full path and file names to the required jar and class files. Make sure that the the following files are included in your
To set your
CLASSPATH on Windows:
In your Windows Control Panel, select System.
In the System Properties dialog, select the Advanced tab.
Click Environment Variables.
In the User Variables section, click New to add a
CLASSPATH environment variable for your user profile. If a
CLASSPATH environment variable already exists, select it and click Edit.
Add the full path and file names for all of the required jar and class files to the
For example, your
CLASSPATH might look like this: