java.security.InvalidKeyException: Illegal key size or default parameters

I was working on webservice call where my code was breaking in RAD during decrypting the password of keystore. I encountered below error:

Caused by: java.security.InvalidKeyException: Illegal key size or default parameters
    at javax.crypto.Cipher.a(DashoA13*..) ~[na:1.6]
    at javax.crypto.Cipher.a(DashoA13*..) ~[na:1.6]
    at javax.crypto.Cipher.a(DashoA13*..) ~[na:1.6]
    at javax.crypto.Cipher.init(DashoA13*..) ~[na:1.6]
    at javax.crypto.Cipher.init(DashoA13*..) ~[na:1.6]

There are key size restrictions with the default crypto files local_policy.jar and US_export_policy.jar comes with JDK – which limits it to 128. If your security policy using a key size larger than this – then the above exception is thrown.

For example – if your security policy specifies the algorithmic suite as Basic256 – then the key size to be used is 256.

For the solution of above issue, you need to patch your JDK with Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files.

For JDK1.5 visit, download the crypto files and copy the two jar files from the extracted jce directory (local_policy.jar and US_export_policy.jar) to $JAVA_HOME/jre/lib/security.

For JDK1.6 visit

If your IDE using it’s own specific JDK then patch that as well with these files to resolve the issue.

About nitingautam

I am Tech Lead (Java/J2EE/ExtJs) with a MNC located @ Gurgaon.
This entry was posted in Axis2, Java, Rampart and tagged , , , . Bookmark the permalink.

One Response to java.security.InvalidKeyException: Illegal key size or default parameters

  1. There’s definately a lot to know about this topic.
    I really like all the points you’ve made.

Leave a Reply

Your email address will not be published. Required fields are marked *