Due to import control restrictions of some countries, the JCE jurisdiction policy files shipped with the Java SDK allow "strong" but limited cryptography to be used.
An "unlimited strength" version of these files indicating no restrictions on cryptographic strengths is available for those living in eligible countries (which is most countries).
You can download and replace the strong cryptography versions supplied with the Java SDK with the unlimited ones.
You need to update the two JAR files 'local_policy.jar' and 'US_export_policy.jar' files in the JDK's lib/security directory.
Oracle's unlimited strength jurisdiction policy files:
If these policy files are not installed then services that use Bouncy Castle will throw the following exception:
java.io.IOException: exception unwrapping private key - java.security.InvalidKeyException: Illegal key size