5 Replies Latest reply: Jun 7, 2013 1:55 PM by gimbal2 RSS

    Exception in PGP Decryption

    1013276
      Hi ,

      I updated my policy files to resolve the pgp encryption issue (com.didisoft.pgp.PGPException: error setting asymmetric cipher : Illegal key siz) it works fine ,
      but when i'm building the jar and keeping the same in different server it gives the same exception again , Is there any way i can force my program to read the US_policy & local_policy jar files in my lib folder for encryption rather then reading \Java\jdk1.5.0_07\jre\lib\security\ US_policy & local_policy jar .
      The issue is many other programs use that system (server) to run there jobs , I'm scared if i change US_policy & local_policy jar inside \Java\jdk1.5.0_07\jre\lib\security\ US_policy & local_policy jar for the server it might affect other jobs running on that system.

      Thanks
        • 1. Re: Exception in PGP Decryption
          jtahlborn
          Seeing as this policy is a pretty low-level, security-critical part of the jvm, i highly doubt it is something you can change from within the jvm (it's most likely loaded in an unmodifiable way long before any user level code is executed). i'm also not aware of any command line property which can affect the encryption strength policy.

          i can't imagine how updating the system jvm to the unlimited strength policy files could negatively affect other java processes on the system, but i guess it's possible.
          • 2. Re: Exception in PGP Decryption
            DarrylBurke
            Cross posted
            http://www.java-forums.org/advanced-java/75654-exception-pgp-decryption.html

            db
            • 3. Re: Exception in PGP Decryption
              gimbal2
              jtahlborn wrote:
              i can't imagine how updating the system jvm to the unlimited strength policy files could negatively affect other java processes on the system, but i guess it's possible.
              I never experienced any hint of a change in behavior, other than being able to apply stronger encryption of course.
              • 4. Re: Exception in PGP Decryption
                jtahlborn
                gimbal2 wrote:
                jtahlborn wrote:
                i can't imagine how updating the system jvm to the unlimited strength policy files could negatively affect other java processes on the system, but i guess it's possible.
                I never experienced any hint of a change in behavior, other than being able to apply stronger encryption of course.
                sure, same here. only thing i could imagine was the possibility that a program depends (probably not intentionally) on higher strength not being available.
                • 5. Re: Exception in PGP Decryption
                  gimbal2
                  Intriguing thought. It -could- happen in countries where such encryption strength is not allowed, I guess... Of course your software sucks if it breaks down because of that.