Today while learning how to encrypt data at client before loading to S3, I came across the javax.crypto package a lot.

Here is the sample code from AWS showing how to use symmetric key to encrypt data at client. However, after setting up the Eclipse plugin, Java SDK, I managed to generate the secret key file which is 32Bytes (256bit :)), however, when I run the second code, S3ClientSideEncryptionWithSymmetricMasterKey, it gave me errors around encryption – “Illegal key size or default parameters”. A quick google point me to Stackoverflow, of course.

I did a quick check of the key size limit on my machine by doing:

import javax.crypto.Cipher;
System.out.println(Cipher.getMaxAllowedKeyLength(“AES”));

And it showed only 128, which explains why it is unable to handle 256bit AES key, after following the JCE (Java Cryptography Extension) and copy the extension and policy files to the JRE->lib->Security folder, everything works now.