|
| 1 | +ATTENTION! Installing this is only necessary, if you want to use |
| 2 | + single-sign-on via SAML in Oryx!!! |
| 3 | + |
| 4 | + |
| 5 | + |
| 6 | + Unlimited Strength Java(TM) Cryptography Extension Policy Files |
| 7 | + for the Java(TM) Platform, Standard Edition Development Kit, v6 |
| 8 | + |
| 9 | + README |
| 10 | + |
| 11 | +---------------------------------------------------------------------- |
| 12 | +CONTENTS |
| 13 | +---------------------------------------------------------------------- |
| 14 | + |
| 15 | + o Introduction |
| 16 | + o Copyright |
| 17 | + o Understanding The Export/Import Issues |
| 18 | + o Where To Find Documentation |
| 19 | + o Installation |
| 20 | + o Questions, Support, Reporting Bugs, and Feedback |
| 21 | + |
| 22 | + |
| 23 | +---------------------------------------------------------------------- |
| 24 | +Introduction |
| 25 | +---------------------------------------------------------------------- |
| 26 | + |
| 27 | +Thank you for downloading the Unlimited Strength Java(TM) Cryptography |
| 28 | +Extension (JCE) Policy Files for the Java(TM) Platform, Standard |
| 29 | +Edition Development Kit, v6. |
| 30 | + |
| 31 | +Due to import control restrictions, the version of JCE policy files that |
| 32 | +are bundled in the JDK(TM) 6 environment allow "strong" but limited |
| 33 | +cryptography to be used. This download bundle (the one including this |
| 34 | +README file) provides "unlimited strength" policy files which contain |
| 35 | +no restrictions on cryptographic strengths. |
| 36 | + |
| 37 | +Please note that this download file does NOT contain any encryption |
| 38 | +functionality since such functionality is supported in Sun's JDK 6. |
| 39 | +Thus, this installation applies only to Sun's JDK 6, and assumes |
| 40 | +that the JDK 6 is already installed. |
| 41 | + |
| 42 | + |
| 43 | +---------------------------------------------------------------------- |
| 44 | +Copyright |
| 45 | +---------------------------------------------------------------------- |
| 46 | + |
| 47 | +The copyright notice governing this product's use can be found in |
| 48 | +COPYRIGHT.html. This file is normally found in the same directory |
| 49 | +as this README.txt file. |
| 50 | + |
| 51 | + |
| 52 | +---------------------------------------------------------------------- |
| 53 | +Understanding The Export/Import Issues |
| 54 | +---------------------------------------------------------------------- |
| 55 | + |
| 56 | +JCE for JDK 6 has been through the U.S. export review process. |
| 57 | +The JCE framework, along with the SunJCE provider that comes |
| 58 | +standard with it, is exportable. |
| 59 | + |
| 60 | +The JCE architecture allows flexible cryptographic strength |
| 61 | +to be configured via jurisdiction policy files. Due to the |
| 62 | +import restrictions of some countries, the jurisdiction policy |
| 63 | +files distributed with the JDK 6 software have built-in |
| 64 | +restrictions on available cryptographic strength. The jurisdiction |
| 65 | +policy files in this download bundle (the bundle including this |
| 66 | +README file) contain no restrictions on cryptographic strengths. |
| 67 | +This is appropriate for most countries. Framework vendors can |
| 68 | +create download bundles that include jurisdiction policy files |
| 69 | +that specify cryptographic restrictions appropriate for countries |
| 70 | +whose governments mandate restrictions. Users in those countries |
| 71 | +can download an appropriate bundle, and the JCE framework will |
| 72 | +enforce the specified restrictions. |
| 73 | + |
| 74 | +You are advised to consult your export/import control counsel or |
| 75 | +attorney to determine the exact requirements. |
| 76 | + |
| 77 | + |
| 78 | +---------------------------------------------------------------------- |
| 79 | +Where To Find Documentation |
| 80 | +---------------------------------------------------------------------- |
| 81 | + |
| 82 | +The following documents will be of interest to you: |
| 83 | + |
| 84 | + o The Java(TM) Cryptography Architecture (JCA) Reference Guide at: |
| 85 | + |
| 86 | + http://java.sun.com/javase/6/docs/technotes/guides/security/crypto/CryptoSpec.html |
| 87 | + |
| 88 | + o The Java Security web site has more information about JCE, |
| 89 | + plus additional information about the Java Security Model. |
| 90 | + Please see: |
| 91 | + |
| 92 | + http://java.sun.com/products/jce/ |
| 93 | + http://java.sun.com/security/ |
| 94 | + |
| 95 | + |
| 96 | +---------------------------------------------------------------------- |
| 97 | +Installation |
| 98 | +---------------------------------------------------------------------- |
| 99 | + |
| 100 | +Notes: |
| 101 | + |
| 102 | + o Unix (Solaris/Linux) and Win32 use different pathname separators, so |
| 103 | + please use the appropriate one ("\", "/") for your |
| 104 | + environment. |
| 105 | + |
| 106 | + o <java-home> refers to the directory where the Java SE Runtime |
| 107 | + Environment (JRE) was installed. It is determined based on whether |
| 108 | + you are running JCE on a JRE with or without the JDK installed. The |
| 109 | + JDK contains the JRE, but at a different level in the file |
| 110 | + hierarchy. For example, if the JDK is installed in |
| 111 | + /home/user1/jdk1.6.0 on Unix or in C:\jdk1.6.0 on Win32, then |
| 112 | + <java-home> is |
| 113 | + |
| 114 | + /home/user1/jdk1.6.0/jre [Unix] |
| 115 | + C:\jdk1.6.0\jre [Win32] |
| 116 | + |
| 117 | + If on the other hand the JRE is installed in /home/user1/jre1.6.0 |
| 118 | + on Unix or in C:\jre1.6.0 on Win32, and the JDK is not |
| 119 | + installed, then <java-home> is |
| 120 | + |
| 121 | + /home/user1/jre1.6.0 [Unix] |
| 122 | + C:\jre1.6.0 [Win32] |
| 123 | + |
| 124 | + o On Win32, for each JDK installation, there may be an additional |
| 125 | + JRE installed under the "Program Files" directory. Please make |
| 126 | + sure that you install the unlimited strength policy JAR files |
| 127 | + for all JREs that you plan to use. |
| 128 | + |
| 129 | + |
| 130 | +Here are the installation instruction: |
| 131 | + |
| 132 | +1) Download the unlimited strength JCE policy files. |
| 133 | + |
| 134 | +2) Uncompress and extract the downloaded file. |
| 135 | + |
| 136 | + This will create a subdirectory called jce. |
| 137 | + This directory contains the following files: |
| 138 | + |
| 139 | + README.txt This file |
| 140 | + COPYRIGHT.html Copyright information |
| 141 | + local_policy.jar Unlimited strength local policy file |
| 142 | + US_export_policy.jar Unlimited strength US export policy file |
| 143 | + |
| 144 | +3) Install the unlimited strength policy JAR files. |
| 145 | + |
| 146 | + To utilize the encryption/decryption functionalities of |
| 147 | + the JCE framework without any limitation, first make a copy of |
| 148 | + the original JCE policy files (US_export_policy.jar and |
| 149 | + local_policy.jar in the standard place for JCE |
| 150 | + jurisdiction policy JAR files) in case you later decide |
| 151 | + to revert to these "strong" versions. Then replace the strong |
| 152 | + policy files with the unlimited strength versions extracted in the |
| 153 | + previous step. |
| 154 | + |
| 155 | + The standard place for JCE jurisdiction policy JAR files is: |
| 156 | + |
| 157 | + <java-home>/lib/security [Unix] |
| 158 | + <java-home>\lib\security [Win32] |
| 159 | + |
| 160 | + |
| 161 | +----------------------------------------------------------------------- |
| 162 | +Questions, Support, Reporting Bugs, and Feedback |
| 163 | +----------------------------------------------------------------------- |
| 164 | + |
| 165 | +Questions |
| 166 | +--------- |
| 167 | + |
| 168 | +For miscellaneous questions about JCE usage and deployment, we |
| 169 | +encourage you to read: |
| 170 | + |
| 171 | + o Information on the JCE web site |
| 172 | + |
| 173 | + http://java.sun.com/products/jce |
| 174 | + |
| 175 | + o The Java Security Q&A Archives |
| 176 | + |
| 177 | + http://archives.java.sun.com/archives/java-security.html |
| 178 | + |
| 179 | + o The Java Developer Connection(SM) forums. These discussion forums |
| 180 | + allow you to tap into the experience of other users, ask |
| 181 | + questions, or offer tips to others on a variety of Java-related |
| 182 | + topics including JCE. There is no fee to participate. |
| 183 | + |
| 184 | + http://forum.java.sun.com/ |
| 185 | + |
| 186 | + |
| 187 | +Support |
| 188 | +------- |
| 189 | + |
| 190 | +For more extensive JCE questions or deployment issues, please contact |
| 191 | +our Technical Support staff at: |
| 192 | + |
| 193 | + http://developers.sun.com/prodtech/support/ |
| 194 | + |
| 195 | +Please be aware that we may be barred from offering technical support |
| 196 | +specifically regarding encryption implementations of the JCE APIs to |
| 197 | +people outside the U.S. or Canada, according to U.S. regulations. |
| 198 | + |
| 199 | + |
| 200 | +Reporting Bugs |
| 201 | +-------------- |
| 202 | + |
| 203 | +To report bugs with sample code or request a feature, please see: |
| 204 | + |
| 205 | + http://java.sun.com/cgi-bin/bugreport.cgi |
| 206 | + |
| 207 | +Bug reports with test cases are highly appreciated! |
| 208 | + |
| 209 | + |
| 210 | +Feedback |
| 211 | +-------- |
| 212 | + |
| 213 | +Please e-mail general comments about JCE to: |
| 214 | + |
| 215 | + |
| 216 | + |
| 217 | +The above mailing list is not a subscription list or a support |
| 218 | +mechanism. It is simply a one-way channel that you can use to |
| 219 | +send comments to the Java Standard Edition security team. |
| 220 | +Please include the keyword "JAVASEC" in the Subject of your |
| 221 | +email so it can be distinguished from spam. |
| 222 | + |
| 223 | +Though we value your input, before sending your feedback please review |
| 224 | +our pages of Frequently Asked Questions, available from the JCE web |
| 225 | +site: |
| 226 | + |
| 227 | + http://java.sun.com/products/jce |
| 228 | + |
| 229 | +and search the Java Security Q&A Archives: |
| 230 | + |
| 231 | + http://archives.java.sun.com/archives/java-security.html |
| 232 | + |
| 233 | +Please note that due to the volume of messages we receive, we |
| 234 | +may not be able to respond to every individual message. |
| 235 | + |
| 236 | +For other comments/suggestions concerning the web sites please |
| 237 | +use the feedback form at: |
| 238 | + |
| 239 | + http://java.sun.com/feedback/index.html |
0 commit comments