Computer Security
 » 
Encryption and Cryptography
 » 
Bouncy Castle
 » 
Bouncy Castle - Dev

Using unlimited strength encryption without being tied to US_export_policy.jar and local_policy.jar

View: New views
2 Messages — Rating Filter:   Alert me  

Using unlimited strength encryption without being tied to US_export_policy.jar and local_policy.jar

by Robert Taylor-19 :: Rate this Message:

Reply to Author | View Threaded | Show Only this Message

Some parts of this message have been removed. Learn more about Nabble's security policy.
Greetings,
 
I have a Swing application where I need to use encryption strength beyond 128.
I want to distribute this application but don't want to have to deal with the legal aspects
of the unlimited strength US_export_policy.jar and local_policy.jar files.
Someone mentioned to me that i should use Bouncy Castle native API without JCE however I cannot find
any examples of this.
 
I see several places in the docs where i need to use the unlimited strength policy files.
 
Any advice would be appreciated.
 
Thanks.
 
/robert

Re: Using unlimited strength encryption without being tied to US_export_policy.jar and local_policy.jar

by David Hook-2 :: Rate this Message:

Reply to Author | View Threaded | Show Only this Message


The best place to look for examples of the lightweight API is in the
org.bouncycastle.crypto.test package. There are tests for each algorithm
and peace of functionality.

This will get you around the technical aspects of having to use the
policy files for the JCE. The legal aspects are a little more complex,
if you are based in the US, and you are planing to export, you need to
talk to BIS (caveat, I'm an Australian, and definitely not a lawyer).

Regards,

David

On Fri, 2009-10-16 at 08:31 -0400, Robert Taylor wrote:

> Greetings,
>  
> I have a Swing application where I need to use encryption strength
> beyond 128.
> I want to distribute this application but don't want to have to deal
> with the legal aspects
> of the unlimited strength US_export_policy.jar and local_policy.jar
> files.
> Someone mentioned to me that i should use Bouncy Castle native API
> without JCE however I cannot find
> any examples of this.
>  
> I see several places in the docs where i need to use the unlimited
> strength policy files.
>  
> Any advice would be appreciated.
>  
> Thanks.
>  
> /robert


Free embeddable forum powered by Nabble Forum Help