AES 256-bit keys and Coldfusion
This week seams to be the Java week. Just yesterday I’ve posted about my experience on installing Java 7 on MacOS X 10.8.2 and today comes another Java one. This time, it is about the 256-bit AES keys and Coldfusion (well my choice is the open source CFML engine called OpenBD).
Since I’m working currently on a project that needs to exchange sensitive data with a third party we obviously would like to protect the data with the strongest key, so a AES 256-bit key has been chosen. While the key was valid, my code always threw a “Illegal key size” error message.
As it turns out, this was due that Java did not have the “Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 7” bundles installed. Apparently they are needed for any stronger keys then 128-bit keys. You can get the Unlimited Strength bundles from the Oracle site. Installing them is as “simple” as dumping them to the “$JAVA_HOME/lib/security” directory.
While the above seams to be obvious on Linux and Windows I’ve had a hard time to get the correct installation on MacOS X. Somehow this is hidden far down in the paths and not at all obvious. But the correct location to store the security JAR’s is at “/System/Library/Frameworks/JavaVM.framework/Versions/CurrentJDK/Home/jre/lib/security/”.
Hope this helps anyone out there 🙂