how to resolve Exception in thread "main" com.amazonaws.AmazonClientException: Unable to build cipher: Illegal key size using aws s3

Question

I am trying for encryption and decryption using amazon aws. I got exception like

 Exception in thread "main" com.amazonaws.AmazonClientException: Unable to build cipher: Illegal key size
    Make sure you have the JCE unlimited strength policy files installed and configured for your JVM
        at  com.amazonaws.services.s3.internal.crypto.ContentCryptoScheme.createCipherLite(ContentCryptoScheme.java:190)
        at com.amazonaws.services.s3.internal.crypto.ContentCryptoMaterial.wrap(ContentCryptoMaterial.java:823)
        at com.amazonaws.services.s3.internal.crypto.S3CryptoModuleBase.buildContentCryptoMaterial(S3CryptoModuleBase.java:535)
        at com.amazonaws.services.s3.internal.crypto.S3CryptoModuleBase.newContentCryptoMaterial(S3CryptoModuleBase.java:483)
        at com.amazonaws.services.s3.internal.crypto.S3CryptoModuleBase.createContentCryptoMaterial(S3CryptoModuleBase.java:449)
        at com.amazonaws.services.s3.internal.crypto.S3CryptoModuleBase.putObjectUsingMetadata(S3CryptoModuleBase.java:165)
        at com.amazonaws.services.s3.internal.crypto.S3CryptoModuleBase.putObjectSecurely(S3CryptoModuleBase.java:159)
        at com.amazonaws.services.s3.internal.crypto.CryptoModuleDispatcher.putObjectSecurely(CryptoModuleDispatcher.java:107)
        at com.amazonaws.services.s3.AmazonS3EncryptionClient.putObject(AmazonS3EncryptionClient.java:485)
        at testKMSkeyUploadObject.main(testKMSkeyUploadObject.java:91)
    Caused by: java.security.InvalidKeyException: Illegal key size
        at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1039)
        at javax.crypto.Cipher.implInit(Cipher.java:805)
        at javax.crypto.Cipher.chooseProvider(Cipher.java:864)
        at javax.crypto.Cipher.init(Cipher.java:1396)
        at javax.crypto.Cipher.init(Cipher.java:1327)
        at com.amazonaws.services.s3.internal.crypto.ContentCryptoScheme.createCipherLite(ContentCryptoScheme.java:187)
        ... 9 more

please help me.

when I was trying to put object for doing encryption using AmazonS3EncryptionClient I am getting exception. How to resolve this error.

AmazonS3EncryptionClient s3 = new AmazonS3EncryptionClient(credentials,materialProvider);

PutObjectRequest putRequest = new PutObjectRequest(
                            bucket, kms_cmk_id, new ByteArrayInputStream(plaintext), metadata);

ObjectMetadata objectMetadata = new ObjectMetadata();
                    objectMetadata.setSSEAlgorithm(ObjectMetadata.AES_256_SERVER_SIDE_ENCRYPTION);   

putRequest.setMetadata(objectMetadata);
System.out.println(putRequest.getKey());
s3.putObject(putRequest); //getting exception here

Answer 1

It seems the problem is with key size and IMO Amazon has hard coded it somewhere in their code. The solution may be to go for unlimited strength file which you can download from:

Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 6

Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 7 Download

Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 8 Download

Install the file in ${java.home}/jre/lib/security/.