Using hardware cryptography

Cryptography within the existing JCE architecture gives Java 2 programmers security and performance advantages of hardware cryptography with minimal changes to existing Java applications.

To use hardware cryptographic function provided by the IBMJCECCA provider:
  1. Edit the java.security file in the ${java-home}/lib/security directory so that it contains the following lines:
    security.provider.1=com.ibm.crypto.hdwrCCA.provider.IBMJCECCA
    security.provider.2=com.ibm.crypto.provider.IBMJCE  
  2. Copy the unrestricted policy files from the ${java-home}/demo/ jce/policy-files/unrestricted directory to the ${java-home}/lib/security directory.
If you intend to use the keytool command to create JKS files that do not use hardware encryption:
  1. Edit the java.security file to remove the line that references JCE4758.
  2. Create the keystores.
  3. If you intend to use hardware cryptography as well, reinstate the line in the java.security file.

Information Information

Feedback


Timestamp icon Last updated: Tuesday, 19 November 2013


https://ut-ilnx-r4.hursley.ibm.com/tgzos_latest/help/topic/com.ibm.cics.tg.zos.doc//ctgzos/ccl11se2nni.html