Oracle® Security Developer Tools Reference
10g Release 2 (10.1.2) B15975-01 |
|
Previous |
Next |
The Java Cryptography Extension (JCE) from Sun Microsystems is an optional package to the Java 2 platform. It is a framework for implementing encryption, key generation and key agreement, and Message Authentication Code (MAC) algorithms.
The Oracle JCE Provider package supplies a concrete implementation of a subset of the cryptographic services defined in JCE 1.2.1.
This chapter contains these topics:
Oracle JCE Provider supports a number of cryptographic algorithms in the following application areas:
Ciphers -
AES
Blowfish
DES
Triple DES
DSA
RC2
RSA
RC4
PBE with MD2/MD5/SHA1 and DES/RC2/Triple DES/RC4
KeyAgreement: Diffie-Hellman with two or more parties
PKCS5Padding and NoPadding support for:
RSA
AES
DES
Triple DES
RC2
Blowfish
PKCS1Padding and OAEPPadding for RSA
Support for standard key ranges
KeyFactory:
RSA
DSA
Diffie-Hellman
SecretKeyFactory:
Support for X.509EncodedKeySpec and PKCS8EncodedKeySpec
KeyPairGeneration:
RSA
DSA
Diffie-Hellman
Note: While the minimum acceptable strength is 512, Oracle JCE Provider supplies a default strength of 1024. |
KeyGeneration:
AES
Blowfish
DES
Triple DES
RC2
RC4
HMAC-MD5
HMAC-SHA1
Standard default parameters for DSA (same as those provided by SunJCE)
Message Digests:
MD2
MD5
SHA-1
SHA-256
SHA-284
SHA-512
Signatures:
SHA1withDSA
MD5withRSA
SHA1withRSA
MD2withRSA
MAC:
HMAC-MD5
HMAC-SHA1
Support for standard ASN1 encodings
SecureRandom:
MD5PRNG
SHA1PRNG
Pseudo-random number generators, using proprietary algorithms based on the Bruce Schneier/Applied Cryptography design pattern
Key Store:
PKCS#8
PKCS#12
The Oracle Security Developer Tools are installed with Oracle Application Server in ORACLE_HOME
. This section explains how to set up your environment for Oracle JCE Provider. It contains these topics:
Oracle JCE Provider is compatible with Java Cryptography Extension (JCE) version 1.2.1. In order to use Oracle JCE Provider, you must install JCE 1.2.1 on your system.
The Java Cryptography Extension is available from Sun Microsystems at:
Add the following line to your java.security
file, which is usually located in $JAVA_HOME/jre/lib/security
:
security.provider.1=com.phaos.jce.provider.Phaos
When installing the distribution files, the location of the Oracle JCE Provider jar
file depends on where the JCE 1.2.1 framework is installed:
If the JCE 1.2.1 framework is an "installed" extension
If the JCE 1.2.1 framework is an installed extension, the following files:
jce1_2_1.jar
jce_provider_jdk1x.jar
US_export_policy.jar
local_policy.jar
must appear in the standard location for jar
files of an installed extension:
File | Platform |
---|---|
$JAVA_HOME\lib\ext
|
Win32 |
$JAVA_HOME/lib/ext
|
Solaris |
where $JAVA_HOME
refers to the directory where the Java software is installed.
If the JCE 1.2.1 framework is located on the classpath
If the JCE 1.2.1 framework is not installed as an extension but instead is located on the class path, and a security manager is installed, you need to grant permissions to the JCE 1.2.1 framework and JCE providers when you run applets or applications using JCE.
Your CLASSPATH
environment variable must contain the full path and file names to the required jar and class files. Make sure that the the following files are included in your CLASSPATH
:
osdt_core3.jar
osdt_jce.jar
To set your CLASSPATH
on Windows:
In your Windows Control Panel, select System.
In the System Properties dialog, select the Advanced tab.
Click Environment Variables.
In the User Variables section, click New to add a CLASSPATH
environment variable for your user profile. If a CLASSPATH
environment variable already exists, select it and click Edit.
Add the full path and file names for all of the required jar and class files to the CLASSPATH
.
For example, your CLASSPATH
might look like this:
C:\ORACLE_HOME\jlib\osdt_core3.jar; C:\ORACLE_HOME\jlib\osdt_jce.jar
Click OK.