The Penrose Project

• Overview
  • News
  • FAQ
  • Features
  • Licenses
  • Download
  • Demo
• Documentation
  • Quick Start
  • Version 1.2 (in development)
    • Complete
    • Server User Guide
    • Studio User Guide
    • Developer Guide
    • Embedding Penrose
    • Javadoc
  • Version 1.1 (stable)
    • Complete
    • Server User Guide
    • Studio User Guide
    • Developer Guide
    • Embedding Penrose
    • Javadoc
  • Use Cases
  • Community Wiki
• Developer
  • Nightly Builds
  • Code Repository
  • Road Map
  • Change Log
  • Project Management
• Support
  • WebChat
  • Forum & List
  • Bug/Feature Tracker
  • Team
  • Contact

Installing Security Provider

Introduction

If you need to use custom encryption, such as SHA-*, to use with Penrose you need to install Bouncy Castle security provider. This instruction assumes that you have installed JDK 1.4 or later in a directory that we refer as JAVA_HOME.

Installing Bouncy Castle Security Provider

Download the latest Bouncy Castle provider (bcprov-jdkXX-xxx.jar) for your JDK, then put it in JAVA_HOME/jre/lib/ext.

Edit JAVA_HOME/jre/lib/security/java.security. Find the list of security providers:

security.provider.1=sun.security.provider.Sun
security.provider.2=com.sun.net.ssl.internal.ssl.Provider
security.provider.3=com.sun.rsajca.Provider
security.provider.4=com.sun.crypto.provider.SunJCE
security.provider.5=sun.security.jgss.SunProvider

In the above example there are 5 registered providers. Add the Bouncy Castle provider at the bottom of the list (#6).

security.provider.6=org.bouncycastle.jce.provider.BouncyCastleProvider

Installing JCE Unlimited Strength Jurisdiction Policy Files

Download JCE Unlimited Strength Jurisdiction Policy Files for your JDK:

• JDK 1.4 (see under "Other Downloads")
• JDK 1.5 (see under "Other Downloads")

Copy the local_policy.jar and US_export_policy.jar into JAVA_HOME/jre/lib/security. You might want to back up your old files first.

References

• http://www.bouncycastle.org/specifications.html