The symmetric
key wrap, or private key cryptography, algorithms include:
- Triple DES key wrap: http://www.w3.org/2001/04/xmlenc#kw-tripledes
- AES key wrap (aes128): http://www.w3.org/2001/04/xmlenc#kw-aes128
- AES key wrap (aes256): http://www.w3.org/2001/04/xmlenc#kw-aes256
Restriction: To use the 256–bit AES encryption algorithm,
you must apply the unlimited jurisdiction policy files. To remain
in compliance, see Basic Security Profile compliance tips.
Before
downloading these policy files, back up the existing policy files
prior to overwriting them, in case you want to restore the original
files later. The existing policy files, which are the local_policy.jar and US_export_policy.jar files,
are located in the app_server_root/java/jre/lib/security/ directory.
Important: Your country of origin
might have restrictions on the import, possession, use, or re-export
to another country, of encryption software. Before downloading or
using the unrestricted policy files, you must check the laws of your
country, its regulations, and its policies concerning the import,
possession, use, and re-export of encryption software, to determine
if it is permitted.
For
application server platforms using IBM Developer
Kit, Java Technology Edition Version 5, you can obtain
unlimited jurisdiction policy files by completing the following steps:
- Visit the IBM developerWorks: Security Information Web
site.
- Click Java 5.
- Click IBM SDK Policy files.
The Unrestricted
JCE Policy files for SDK 5 Web site is displayed.
- Enter your user ID and password or register with IBM to
download the policy files. The policy files are downloaded onto your
workstation.
For more information on the algorithm suite
components, see Algorithms settings.