Return-Path: 
 <derby-user-return-12041-apmail-db-derby-user-archive=db.apache.org@db.apache.org>
Delivered-To: apmail-db-derby-user-archive@www.apache.org
Received: (qmail 83944 invoked from network); 5 Jan 2010 15:55:12 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (140.211.11.3)
  by minotaur.apache.org with SMTP; 5 Jan 2010 15:55:12 -0000
Received: (qmail 17160 invoked by uid 500); 5 Jan 2010 15:55:11 -0000
Delivered-To: apmail-db-derby-user-archive@db.apache.org
Received: (qmail 17104 invoked by uid 500); 5 Jan 2010 15:55:11 -0000
Mailing-List: contact derby-user-help@db.apache.org; run by ezmlm
Precedence: bulk
list-help: <mailto:derby-user-help@db.apache.org>
list-unsubscribe: <mailto:derby-user-unsubscribe@db.apache.org>
List-Post: <mailto:derby-user@db.apache.org>
List-Id: <derby-user.db.apache.org>
Reply-To: "Derby Discussion" <derby-user@db.apache.org>
Delivered-To: mailing list derby-user@db.apache.org
Received: (qmail 17096 invoked by uid 99); 5 Jan 2010 15:55:11 -0000
Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 05 Jan 2010 15:55:11 +0000
X-ASF-Spam-Status: No, hits=1.2 required=10.0
	tests=SPF_NEUTRAL
X-Spam-Check-By: apache.org
Received-SPF: neutral (athena.apache.org: local policy)
Received: from [209.85.220.220] (HELO mail-fx0-f220.google.com)
 (209.85.220.220)
    by apache.org (qpsmtpd/0.29) with ESMTP; Tue, 05 Jan 2010 15:55:04 +0000
Received: by fxm20 with SMTP id 20so16802926fxm.15
        for <derby-user@db.apache.org>; Tue, 05 Jan 2010 07:54:43 -0800 (PST)
MIME-Version: 1.0
Received: by 10.216.87.71 with SMTP id x49mr413169wee.11.1262706882710; Tue,
	05 Jan 2010 07:54:42 -0800 (PST)
In-Reply-To: <de07811a1001050654v2cc0f84ey41cc6bad57bc9603@mail.gmail.com>
References: <de07811a1001050654v2cc0f84ey41cc6bad57bc9603@mail.gmail.com>
Date: Tue, 5 Jan 2010 09:54:42 -0600
Message-ID: <44ed9df21001050754t1260e24au36483b4efe3600bf@mail.gmail.com>
Subject: Re: Illegal Key Size problem
From: Sai Pullabhotla <sai.pullabhotla@jmethods.com>
To: Derby Discussion <derby-user@db.apache.org>
Content-Type: text/plain; charset=ISO-8859-1

This normally means that you do not have unlimited strength
jurisdiction policy files installed in the JRE you are using. There
are a couple of JAR files that you can download from Sun/JRE vendor
that you need to place in jre/lib/security folder. Without these
policy files you cannot use strong encryption like a 256-bit keys.

Hope this helps.

Regards,
Sai Pullabhotla





On Tue, Jan 5, 2010 at 8:54 AM, George H <george.dma@gmail.com> wrote:
> Hi,
>
> I have a program that uses Derby 10.5.3.0 to create an embedded DB with an
> encryption key.
> I am using Blowfish/CBC/NoPadding with a key size of 256. I have a windows
> XP and a Linux machine. Both have Sun JDK v1.6 u17 and I installed the JCE
> jar files from the sun site.
>
> The problem is that the DB is being created on my linux machine with no
> problems but, on windows it keeps giving me an error of Illegal Key Size. If
> I switch the encryption to DES with 56bit key then it works fine.
>
> I created a sample program in java to test the Blowfish and it works. It
> just seems to be derby that complains of the illegal key size. Is there
> something I am missing here?
>
> Attached to the email is the log file of derby with the stack trace, should
> it be of help to anyone.
> --
> George H
> george.dma@gmail.com
>