You are writing a Java program to encrypt or de-crypt some data with strong encryption keys but you got an error saying InvalidKeyException: Illegal key size or default parameters. You double checked and triple checked your code and everything seems to be correct but you still get the same exception every time you run your program.
You are probably doing nothing wrong but hit an arbitrary restriction imposed by JDK with default settings. The restriction turns out that the cryptography classes in Java will not allow encryption with a key size of more than 128 bits. The main reason for the restriction is that some countries have restrictions on the permitted key strength of imported encryption software. So, it is the user’s responsibility to verify that this action is permissible under local regulations.
Download JCE Unlimited Strength Jurisdiction Policy Files
If you really need to override the restriction (for example you need to use AES with 256-bit keys), you need download the JCE Unlimited Strength Jurisdiction Policy Files from Java and install the files into your JDK/JRE folder.
- JCE Unlimited Strength Jurisdiction Policy Files for Java 6
- JCE Unlimited Strength Jurisdiction Policy Files for Java 7
- JCE Unlimited Strength Jurisdiction Policy Files for Java 8
Steps to install the JCE Unlimited Strength Jurisdiction Policy Files
- Backup the files in
${java.home}/jre/lib/security/in case the downloaded file does not work. - Download the JCE Unlimited Strength Jurisdiction Policy according to you Java version.
- Decompress the zip file.
- Replace all the files in
${java.home}/jre/lib/security/with the new decompressed files.
Leave a Reply