Installing Policy Files and
Bouncy Castle Provider
Installing Policy Files and
Bouncy Castle Provider
Step 1: Test that the correct Jurisdiction Policy Files Are Installed
Because there are restrictions on which cryptography can be exported out of the US, Java has various policy files that define the limits on, for example, key lengths. Ensure you have the unrestricted policy files. Download the examples available here, change into the bin directory and run: java chapter1/SimplePolicyTest
This should return:
64 bit test: passed
192 bit test: passed
Tests completed
If you throw and exception or receive another failure, you may not have the correct policy files installed. You can find the unrestricted policy files here.
Step 2: Installing the Bouncy Castle Provider
Visit the Bouncy Castle Latest Releases page.
Download the provider appropriate for your java version (e.g. 1.3, 1.4, 1.5, etc). It should be called bcprov-jdkXX-138.jar where XX is your java version.
Place this jar file in the jre/lib/ext (on Mac/*nix) or jre\lib\ext (on Windows). I’m not sure where the default location on Windows is, but search for the path or other the location of other jar files. On my mac, the path was: /System/Library/Frameworks/JavaVM.framework/Versions/1.5.0/Home/lib/ext/
Enable the provider by editing the file jre/lib/security. Find the lines that look like:
security.provider.1=sun.security.provider.Sun
security.provider.2=com.sun.net.ssl.internal.ssl.Provider
Add the following line to the end of the list:
security.provider.N=org.bouncycastle.jce.provider.BouncyCastleProvider
where N is the next number in the sequence.
Step 3: Test Bouncy Castle Provider Installation
In the example code, change to the bin directory and run: java chapter1.SimpleProviderTest. If you see:
BC provider is installed
You’re all done.