If one of the following exceptions is thrown in your application while trying to use strong encryption with key lengths of more than 128 bits, the cause for this is most likely a missing Java Cryptography Extension (JCE):
- java.security.InvalidKeyException: Illegal key size
- Cryptographic key type aes256-cts-hmac-sha1-96 not found
- Encryption type AES256 CTS mode with HMAC SHA1-96 is not supported/enabled
The solution is to install the Zulu Cryptography Extension Kit (Zulu CEK) into the JVM. Azul's JVMs Zing and Zulu ship with strong encryption, though limited to key lengths of up to 128 bit. That's the same as standard OpenJDK. The Zulu CEK provides an upgrade to 'unlimited' key sizes. After installing the Zulu CEK, you can use for example AES 256 bits for https, SSL/TLS, Kerberos or other applications of encryption.
The Zulu CEK is compatible to Java SE 6, 7 and 8 on Zing and Zulu.
ZIP for download and installation documentation: