Translate

September 3, 2013

Caused by: java.security.InvalidKeyException: Illegal key size

Java Crypto Error

The problem

You may come across a stack trace saying java.security.InvalidKeyException: Illegal key size when using some encryption library and wonder why.  Here is an example:
java.lang.IllegalArgumentException: Unable to initialize due to invalid secret key
 at org.springframework.security.crypto.encrypt.CipherUtils.initCipher(CipherUtils.java:110)
 at org.springframework.security.crypto.encrypt.AesBytesEncryptor.encrypt(AesBytesEncryptor.java:65)
 at org.springframework.security.crypto.encrypt.HexEncodingTextEncryptor.encrypt(HexEncodingTextEncryptor.java:36)
 at ..........
Caused by: java.security.InvalidKeyException: Illegal key size
 at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1024)
 at javax.crypto.Cipher.implInit(Cipher.java:790)
 at javax.crypto.Cipher.chooseProvider(Cipher.java:849)
 at javax.crypto.Cipher.init(Cipher.java:1348)
 at javax.crypto.Cipher.init(Cipher.java:1282)

The reason

There can be multiple reason but this is usually due to a missing implementation of the encryption algorithm or some restriction in key length from old times.

The solution

Quite simply, you need to add the "Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files". You can get it from here for Java 7 and here for Java 6. Just unpack it and copy the jar files to </path/to/jre>/lib/security/ and restart your application.
Posted by at
Labels: , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)