Home Explore Help
Register Sign In
AIP
/
AipGateway.API
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: ae15b3dc51
Branches Tags
AipGateway.API
/
app-install
/
jre
/
conf
/
security
/
policy
/
README.txt

README.txt 2.3 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354 
  1. 

  2.             Java(TM) Cryptography Extension Policy Files
    3. 

  3.     for the Java(TM) Platform, Standard Edition Runtime Environment
    4. 

  4. 

  5.                                README
    6. 

  6. ------------------------------------------------------------------------
    7. 

  7. 

  8. Import and export control rules on cryptographic software vary from
    9. 

  9. country to country.  The Java Cryptography Extension (JCE) architecture
    10. 

  10. allows flexible cryptographic key strength to be configured via the
    11. 

  11. jurisdiction policy files which are referenced by the "crypto.policy"
    12. 

  12. security property in the <java-home>/conf/security/java.security file.
    13. 

  13. 

  14. By default, Java provides two different sets of cryptographic policy
    15. 

  15. files:
    16. 

  16. 

  17.     unlimited:  These policy files contain no restrictions on cryptographic
    18. 

  18.                 strengths or algorithms
    19. 

  19. 

  20.     limited:    These policy files contain more restricted cryptographic
    21. 

  21.                 strengths
    22. 

  22. 

  23. These files reside in <java-home>/conf/security/policy in the "unlimited"
    24. 

  24. or "limited" subdirectories respectively.
    25. 

  25. 

  26. Each subdirectory contains a complete policy configuration,
    27. 

  27. and subdirectories can be added/edited/removed to reflect your
    28. 

  28. import or export control product requirements.
    29. 

  29. 

  30. Within a subdirectory, the effective policy is the combined minimum
    31. 

  31. permissions of the grant statements in the file(s) matching the filename
    32. 

  32. pattern "default_*.policy".  At least one grant is required.  For example:
    33. 

  33. 

  34.     limited   =  Export (all) + Import (limited)  =  Limited
    35. 

  35.     unlimited =  Export (all) + Import (all)      =  Unlimited
    36. 

  36. 

  37. The effective exemption policy is the combined minimum permissions
    38. 

  38. of the grant statements in the file(s) matching the filename pattern
    39. 

  39. "exempt_*.policy".  Exemption grants are optional.  For example:
    40. 

  40. 

  41.     limited   =  grants exemption permissions, by which the
    42. 

  42.                  effective policy can be circumvented.
    43. 

  43.                  e.g.  KeyRecovery/KeyEscrow/KeyWeakening.
    44. 

  44. 

  45. Please see the Java Cryptography Architecture (JCA) documentation for
    46. 

  46. additional information on these files and formats.
    47. 

  47. 

  48. YOU ARE ADVISED TO CONSULT YOUR EXPORT/IMPORT CONTROL COUNSEL OR ATTORNEY
    49. 

  49. TO DETERMINE THE EXACT REQUIREMENTS.
    50. 

  50. 

  51. Please note that the JCE for Java SE, including the JCE framework,
    52. 

  52. cryptographic policy files, and standard JCE providers provided with
    53. 

  53. the Java SE, have been reviewed and approved for export as mass market
    54. 

  54. encryption item by the US Bureau of Industry and Security.
    55.