I'm making my very own cracked player auth plugin so I had a great idea on how to 'store' password. I make a key by SHA256ing the password to get a 256-bit key and using some SecretKeySpi stuff. Then I encrypt a 311 long String and keep that in a final variable. I keep the IV (Initial Vectors) also in a final variable When I need to check, I try to decrypt the encrypted text with the given passphrase key (again SHA256 and SecretKeySpi). If I can decrypt it and the decrypted text is equal to my 311 long String I return true, otherwise false. My problem: I was trying to make the keys 256 bits with AES (Asymmetrical encryption wouldn't make much sense here). I tried to make the key but I would always get and Exception of something like InvalidKeyException. So I thought I would use BouncyCastle. Add add their provider and put Code (Text): // OLD Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding"); // NEW Cipher newCipher = Cipher.getInstance("AES/CBC/PKCS7Padding", "BC"); // I would have registered BC in Security with a static thing like static { Security.addProvider(new BouncyCastleProvider()); } But still, I would get the same error message but from a class from org.bouncycastle Then, I discovered something by the name of Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy (It was that big when I copied it from here so I made it bold) So I download the files and I put it in C:\Program Files\Java\jre1.8.0_121\lib\security and then I STILL get the same error Exception. Any help?
Oh xD I'm SHA256 using it for keys when I could use it to just hash the passwords. Anyway I got it working I had to put the files also in my JDK's JRE instance (who knew?)
