问题
I want to use AES 256bit encryption with Bouncy Castle and I'm wondering if the "Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files" are still required despite BC because I'm receiving a java.security.InvalidKeyException: Illegal key size exception for the following code:
public class AES256 {
public static void main(String[] args) throws Exception {
Security.addProvider(new BouncyCastleProvider());
final KeyGenerator keyGen = KeyGenerator.getInstance("AES");
keyGen.init(256); // doesn't work for 192, too
final byte[] encoded = keyGen.generateKey().getEncoded();
final SecretKeySpec keySpec = new SecretKeySpec(encoded, "AES");
final Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding", "BC");
// Please ignore static IV for this example
final IvParameterSpec iv = new IvParameterSpec(new byte[]{0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15});
c.init(Cipher.ENCRYPT_MODE, keySpec, iv); // throws java.security.InvalidKeyException: Illegal key size
}
}
What am I missing? Is there a way to use 256bit keys without the Unlimited Strength Policy files?
回答1:
First question in the bouncycastle FAQ.
来源:https://stackoverflow.com/questions/12895031/aes-256bit-encryption-with-bouncy-castle-unlimited-strength-policy-still-requir