search

mrpdaemon / encfs-java

encfs-java is a Java library for accessing data in EncFS volumes
GNU Lesser General Public License v3.0
42 stars 15 forks source link

Add comment in the README.md to advise people of installing Unlimited Strength Jurisdiction Policy Files #2

Closed aefo closed 12 years ago

aefo commented 12 years ago

I was running it locally & getting an "Illegal key size" error (as my key length was 256-bit AES). I needed to install the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files

http://www.oracle.com/technetwork/java/javase/downloads/jce-6-download-429243.html

It would be helpful for a note to be included in README.md for people getting started.

mrpdaemon commented 12 years ago

Yeah it is a PITA to keep installing those files every time I update the Sun JDK. Good point about adding this to the README.md. I will definitely do that.

aefo commented 12 years ago

Thanks,

Perhaps a seperate issue for the future, but FYI, it looks as if using BouncyCastle (http://www.bouncycastle.org/java.html) directly should allow avoiding needing to change the policy files. The policy restrictions are enforced by the JCE not by the provider implementation, so creating the ciphers directly would skip that. (Trading easier / portable deployment for implementation dependency, but that dependency could probably be hidden away...).

http://stackoverflow.com/questions/3870784/reimplement-aes-encryption-using-third-party-java-library-without-us-law-limitat

mrpdaemon commented 12 years ago

I've added the comments you've suggested to README.md

I've considered using BouncyCastle when I started implementing this library. It didn't work out too well for me, because I'm actually implementing this library for an Android application, and I remember reading somewhere that it isn't straightforward to use BouncyCastle under Android. That might not be the case though, since I've never tried. Patches welcome :)

aefo commented 12 years ago

Great, thanks.

Yes, there are problems with android having an old version of BC packaged with it. The solution is to use SpongyCastle. This is a simple repackage of BC to change the package names so that they don't conflict so works on android.

Andrew

From: mrpdaemon reply@reply.github.com Sent: Fri Dec 16 09:54:14 GMT 2011 To: aormerod aefo@ormerods.net Subject: Re: [encfs-java] Add comment in the README.md to advise people of installing Unlimited Strength Jurisdiction Policy Files (#2)

I've added the comments you've suggested to README.md

I've considered using BouncyCastle when I started implementing this library. It didn't work out too well for me, because I'm actually implementing this library for an Android application, and I remember reading somewhere that it isn't straightforward to use BouncyCastle under Android. That might not be the case though, since I've never tried. Patches welcome :)

Reply to this email directly or view it on GitHub: https://github.com/mrpdaemon/encfs-java/issues/2#issuecomment-3175345