How to handle “java.security.InvalidKeyException: Illegal key size”

Many of us are using AES encryption. If we would try to do a 256 bit encryption, we would encounter this exception. This exception is thrown because of a restriction imposed by default JDK. On a default JDK installation, AES is limited to 128 bit key size. In order to perform 256-bit AES encryption, you will need to download and install Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files. We need to use different version of files for different JDK versions. The below table contains link to the appropriate JCE files for the respective JDK versions.

JDK 1.6    Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 6
JDK 1.7    Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 7
JDK 1.8    Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 8

Please download the archive. The archive would contain 2 jar files, namely local_policy.jar and US_export_policy.jar. Extract the jar files from the archive and save them into ${java.home}/jre/lib/security/. This would solve the issue.

Author: Aditya Bhuyan

I am an IT Professional with close to two decades of experience. I mostly work in open source application development and cloud technologies. I have expertise in Java, Spring and Cloud Foundry.

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s