I'd like to use IBM's FIPS 140-2 certified implementation of JCE. But I am struggling to find out a couple of things:
1) Is it part of (i.e. licensed as part of) IBM's JDK/JVM?
2) Do I have to use it as part of IBM's JDK/JVM or can I use with, say, OpenJVM or Oracle/Sun's versions of Java? Either from a licensing or from a FIPS 140-2 certification point of view.
3) What's the license for commerical use?
Just for information I'm planning on using it as part of a spring-hibernate-jasypt stack to encrypt specified data items in a database. Running on JBoss 5.5, RHEL 5.6 and MySQL 5.0.
Thanks is advance!
NOTICE: developerWorks Community will be offline May 29-30, 2015 while we upgrade to the latest version of IBM Connections. For more information, read our upgrade FAQ.
This topic has been locked.
1 reply Latest Post - 2011-04-15T06:46:17Z by SystemAdmin
Pinned topic Licensing IBM's FIPS 140-2 JCE
Answered question This question has been answered.
Unanswered question This question has not been answered yet.
Updated on 2011-04-15T06:46:17Z at 2011-04-15T06:46:17Z by SystemAdmin
SystemAdmin 110000D4XK2262 PostsACCEPTED ANSWER
Re: Licensing IBM's FIPS 140-2 JCE2011-04-15T06:46:17Z in response to EdwardKenworthyYes, it's shipped along with the IBM JDK and the provider is called IBMJCEFIPS. If you look at jre/lib/java.security, you will find all the security provider implementations that are loaded at startup. These are different for each JVM vendor.
The IBM FIPS provider will only work with IBM JDK, running it with other JDKs is not supported. Oracle have their own FIPS provider, so you can use that if you're restricted to using the Oracle VM.
Since the FIPS provider is not shipped separately, it would be covered by the same terms as the IBM JDK itself. For the record, you cannot obtain the IBM JDK as a separate download for non IBM platforms (read Windows and Linux on x86/AMD64) due to licensing restrictions with Oracle. (Other vendors are not allowed to offer their VMs on the same platforms that Oracle/Sun support). You can use it if you have it as part of a purchased IBM product (mostly everything under Websphere/Rational/Lotus/Tivoli product brands use the IBM JDK at their core).