Java Cryptography Extension Framework
The Java Cryptography Extension (JCE) framework includes the ability to enforce restrictions on the cryptographic algorithms and strengths. These restrictions are specified in jurisdiction policy files. These files are necessary to enable operation of SME/KS features.
Import control restrictions imposed by some governments require that the default jurisdiction policy files packaged with the Java Run-time Environment (JRE) specify that only strong but limited cryptography may be used. An unlimited strength policy file with no restrictions on cryptographic strength is available for most countries. However, only the strong but limited version can be readily imported into those countries where the governments restrict cryptography. In your JRE environment, the strong but limited default policy files are located as follows:
-
<java-home>/lib/security/local_policy.jar
-
<java-home>/lib/security/US_export_policy.jar
Where, <java-home> is the JRE directory within your Java Development Kit (JDK) environment, or the top-level directory of the JRE. The unlimited strength version of these policy files are downloaded from a Java Download web page (see To Download and Install the Policy Files).
The JCE framework has been through the U.S. export review process and is certified for export. Consult with your export/import control authority to determine your policy requirements.
- © 2010, Oracle Corporation and/or its affiliates