Caused by: java.security.InvalidKeyException: Illegal key size or default parameters

How to remove the key size restriction in Java JDK?

Are you developing your beautiful application using the Java Cryptography Extension, and using a key length of more than 128 bits you encounter the following error?

Caused by: java.security.InvalidKeyException: Illegal key size or default parameters

There is nothing wrong that you are doing: JDK has a deliberate key size restriction by default, so you cannot use an encryption with key more than 128 bits.

From Oracle’s documentation:

Due to import control restrictions by the governments of a few countries, the jurisdiction policy files shipped with the JDK 5.0 from Sun Microsystems specify that “strong” but limited cryptography may be used.

Some countries have restrictions on the permitted key strength used in encryption algorithms:

An “unlimited strength” version of these files indicating no restrictions on cryptographic strengths is available for those living in eligible countries (which is most countries). But only the “strong” version can be imported into those countries whose governments mandate restrictions. The JCE framework will enforce the restrictions specified in the installed jurisdiction policy files.

How to remove the key size restriction?

You can remove the maximum key restriction by replacing the existing JCE jars with unlimited strength policy jars.

Copy local_policy.jar and US_export_policy.jar extracted from above zip file to the $JAVA_HOME/jre/lib/security

Then simply restart you java application and the Exception should be gone.

from:https://www.andreafortuna.org/java/java-tips-how-to-fix-the-invalidkeyexception-illegal-key-size-or-default-parameters-runtime/

如果不方便覆盖文件,可以在代码中通过反射修改,在main中调用一下方法就Ok了:

/**
     * 去除JCE限制
     */
    private static void removeJceLimit()
    {
        //去除JCE加密限制,只限于Java1.8
        try {
            Field field = Class.forName("javax.crypto.JceSecurity").getDeclaredField("isRestricted");
            field.setAccessible(true);

            Field modifiersField = Field.class.getDeclaredField("modifiers");
            modifiersField.setAccessible(true);
            modifiersField.setInt(field, field.getModifiers() & ~Modifier.FINAL);

            field.set(null, false);

            LOGGER.info("============= remove the key size restriction Success =============");

        } catch (ClassNotFoundException | NoSuchFieldException | SecurityException | IllegalArgumentException | IllegalAccessException ex) {
            ex.printStackTrace(System.err);
        }
    }

原文地址:https://www.cnblogs.com/zjoch/p/9674508.html

时间: 2024-11-03 21:12:10

Caused by: java.security.InvalidKeyException: Illegal key size or default parameters的相关文章

java.security.InvalidKeyException: Illegal key size or default parameters

做CA认证 生成证书时候出错,后来发现是 秘钥长度太长了,怎么会有这个问题呢,看下面的: 参考网址 : http://open.eucalyptus.com/forum/illegal-key-size http://ksgimi.iteye.com/blog/1584716 异常: EjbcaException_Exception: exception encrypting data - java.security.InvalidKeyException: Illegal key size 分

Java学习-050-AES256 之 java.security.InvalidKeyException: Illegal key size or default parameters 解决方法

在进行 Java AES 加密测试时,出现如下错误信息: java.security.InvalidKeyException: Illegal key size or default parameters at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1026) at javax.crypto.Cipher.implInit(Cipher.java:801) at javax.crypto.Cipher.chooseProvider(Cip

错误:java.security.InvalidKeyException: Illegal key size or default parameters解决方法

Java几乎各种常用加密算法都能找到对应的实现.因为美国的出口限制,Sun通过权限文件(local_policy.jar.US_export_policy.jar)做了相应限制.因此存在一些问题: ●密钥长度上不能满足需求(如:java.security.InvalidKeyException: Illegal key size or default parameters): ●部分算法未能支持,如MD4.SHA-224等算法: ●API使用起来还不是很方便:一些常用的进制转换辅助工具未能提供,

AES加密时抛出java.security.InvalidKeyException: Illegal key size or default parametersIllegal key size or default parameters

使用AES加密时,当密钥大于128时,代码会抛出java.security.InvalidKeyException: Illegal key size or default parameters Illegal key size or default parameters是指密钥长度是受限制的,java运行时环境读到的是受限的policy文件.文件位于${java_home}/jre/lib/security 这种限制是因为美国对软件出口的控制. 解决办法: 去掉这种限制需要下载Java Cry

AES加密时抛出java.security.InvalidKeyException: Illegal key size or def

原文:AES加密时抛出java.security.InvalidKeyException: Illegal key size or def 使用AES加密时,当密钥大于128时,代码会抛出 java.security.InvalidKeyException: Illegal key size or default parameters Illegal key size or default parameters是指密钥长度是受限制的,java运行时环境读到的是受限的policy文件.文件位于${

JAVA - Blowfish加密出现java.security.InvalidKeyException: Illegal key size 解决方案

最近用java进行一个blowfish的加密算法,但是在我们的eclipse上报出Illegal key size的错误.google后发现原因是:ymmetricDS加密symmetric.properties中数据库密码产生"Illegal Key Size"错误 根据symmetricDS的guide文档,想要加密symmetric.properties中的db.password,需要跑以下命令: sym -p E:\someplace\symmetric.properties

Tomcat启动报java.security.InvalidKeyException:illegal Key Size

背景: 最近在搭建公司的一个服务,需要用到tomcat,可以启动tomcat之后,日志总是报错. java.security.InvalidKeyException:illegal Key Size. 查了一下,这是一个java加解密的问题. 我按照网上的方法,下载了JCE_policy文件,放上去之后还是报这样的错误. 注意: 因为安装的JDK版本不一样所造成的,JCE_policy版本要跟JDK版本匹配. 网上说到的都是JDK1.6版本.我安装的是JDK1.7版本. 这是因为用到了jdk s

java.security.InvalidKeyException:illegal Key Size

现象 使用了weixin-java-tools包对接微信企业号,在激活回调URL时就发生异常,AES加密失败,报java.security.InvalidKeyException:illegal Key Size,当密钥大于128位时报此错误. 解决方案 到Oracle官网下载JCE无限制权限策略文件(注意对应版本),下载后解压,可以看到local_policy.jar和US_export_policy.jar以及readme.txt.如果安装了JRE, 将两个jar文件放到%JRE_HOME%

抛出java.security.InvalidKeyException: Illegal key size

使用FlexiEC的Provider来做ECIES加密时,发现IESParameterSpec在配置完参数后,代码会抛出java.security.InvalidKeyException: Illegal key size, 感觉应该是JCE的问题,于是查关于JCE的资料发现:Illegal key size or default parameters是指密钥长度是受限制的,java运行时环境读到的是受限的policy文件.文件位于${java_home}/jre/lib/security 这种