Java Security: Illegal key size or default parameters?

使用AES加密时，当密钥大于128时，代码会抛出java.security.InvalidKeyException: Illegal key size or default parameters

Illegal key size or default parameters是指密钥长度是受限制的，java运行时环境读到的是受限的policy文件。文件位于${java_home}/jre/lib/security

这种限制是因为美国对软件出口的控制。

java.security.InvalidKeyException: Illegal key size at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1039) ~[na:1.8.0_71] at javax.crypto.Cipher.implInit(Cipher.java:805) ~[na:1.8.0_71] at javax.crypto.Cipher.chooseProvider(Cipher.java:864) ~[na:1.8.0_71] at javax.crypto.Cipher.init(Cipher.java:1396) ~[na:1.8.0_71] at javax.crypto.Cipher.init(Cipher.java:1327) ~[na:1.8.0_71]

解决办法：

去掉这种限制需要下载Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files.网址如下。

Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 6

Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 7 Download

Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 8 Download

And Install the file in ${java.home}/jre/lib/security/.

${java.home} refers to your installation directory of Java

for mac:

1. open finder
2. press command + shift + g
3. type /Library/Java/JavaVirtualMachines
4. navigate to your version of JDK
5. then Contents/Home/jre/lib/security
6. unzip the downloaded file and place all files inside here

for CLI

unzip downloaded_policy_file.zip -d /Library/Java/JavaVirtualMachines//Contents/Home/jre/lib/security/

mv /Library/Java/JavaVirtualMachines//Contents/Home/jre/lib/security/UnlimitedJCEPolicyJDK/* /Library/Java/JavaVirtualMachines//Contents/Home/jre/lib/security
rm -rf Library/Java/JavaVirtualMachines//Contents/Home/jre/lib/security/UnlimitedJCEPolicyJDK/