I would like to configure the Oracle JDK to use IBM's FIPS-compliant JCE/JSSE security providers. What JAR files do I need and where should they be installed? What should the provider list in the java.security
file look like?
I'm using IBMJCE on sun jdk5 and it works fine. It may be similar to fips, I guess
You need ibmjceprovider.jar, ibmpkcs.jar, ibmjcefips.jar
You can find them in ibm jre
The code like this
static{
//install ibm's provider
java.security.Security.addProvider(new IBMJCE());
}
public byte[] encrypt(byte[] input)throws SecurityException{
KeyGenerator kg = KeyGenerator.getInstance("DES");
//call ibm's provider
SecureRandom sr = SecureRandom.getInstance("IBMSecureRandom", new IBMJCE());
sr.setSeed(str.getBytes());
kg.init(sr);
Key key = kg.generateKey();
Cipher cipher = Cipher.getInstance("DES");
cipher.init(1, key);
byte[] ret = cipher.doFinal(input);
return ret;
}
This is an old post but anyway...
IBM JVM is FIPS compliant when configuring it to use IBMJCEFIPS provider.
This is applicable only to IBM Java though.
Not drop the jars in a SUN JDK.
For SUN you should use the NSS project which is also FIPS compliant
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With