java security invalidkeyexception illegal key size resolution.
If you worked with AES-256 (AES with 256 bit keys) on Java, you probably faced with the following error:java.security.InvalidKeyException: Illegal key size or default parameters
This error indicates that your JVM does not support unlimited security strength. And so, your Java installation supports only 128 bit keys by default. To overcome this issue you must install a “JCE Unlimited Strength Jurisdiction Policy File” to your JRE location. You can follow these steps:
- Download a JCE policy file that is compatible with your JVM installation
- For Java 6: JCE Unlimited Strength Jurisdiction Policy File 6
- For Java 7: JCE Unlimited Strength Jurisdiction Policy File 7
- For Java 8: JCE Unlimited Strength Jurisdiction Policy File 8
- Unzip the downloaded policy file.
- Copy local_policy.jar and US_export_policy.jar to
$JAVA_HOME/jre/lib/security
folder and replace the existing files. - Restart your application and now you are able to use AES keys longer than 128 bits (i.e. 192 and 256 bit keys).