Installing the java unrestricted policy files outside the defualt locations
In our application, we are making use of java based gpg encryption/decryption. For this we are using the Bouncy Castle library which provides a java implementation. For using this, it needs the unrestricted policy files for java.
Scenario A:
On my desktop I downloaded the policy files and placed them as follows:
1. Download the policy files from
http://java.sun.com/javase/downloads/index_jdk5.jsp (Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 5.0) 2. Copied the local_policy.jar,US_export_policy.jar files from the download to my C:\jdk1.5.0_09\jre\lib\security directory.
3. Placed the bcprov-jdk15-136.jar, bcpg-jdk15-136.jar on my application class-path.
4. Use the security provider (Security.addProvider(new
BouncyCastleProvider());) in my code.
This works fine and am able to encrypt/decrypt using the gpg classes.
Scenario B:
Now we need to move the code to our unix boxes for deployment. But the jdk is shared amongst multiple applications on the unix box, so we cant modify or update the policy files, so we need to override those at run time.
1. If I keep the unlimited policy files at a custom location say /myapp/lib/local_policy.jar, /myapp/lib/US_export_policy.jar 2. Add these jars to my application class-path.
This doesn't work and it throws the usual
"java.security.InvalidKeyException: Illegal key size or default parameters" exception. What additional steps are needed to make this scenario work? Any suggestions?
- Vinay S
