The Problem
Java 1.6.0.12 installed on my Linux server and the code below runs just perfectly.String key = "av45k1pfb024xa3bl359vsb4esortvks74sksr5oy4s5serondry84jsrryuhsr5ys49y5seri5shrdliheuirdygliurguiy5ru"; try { Cipher c = Cipher.getInstance("ARCFOUR"); SecretKeySpec secretKeySpec = new SecretKeySpec(key.getBytes("UTF-8"), "ARCFOUR"); c.init(Cipher.DECRYPT_MODE, secretKeySpec); return new String(c.doFinal(Hex.decodeHex(data.toCharArray())), "UTF-8"); } catch (InvalidKeyException e) { throw new CryptoException(e); }
When installed Java 1.6.0.26 on my server user and when I try to run my application, I get the following exception. My guess would be that it has something to do with the Java installation configuration because it works in the first one, but doesn't work in the later version.I keep getting this Error.
Caused by: java.security.InvalidKeyException: Illegal key size or default parameters at javax.crypto.Cipher.a(DashoA13*..) ~[na:1.6] at javax.crypto.Cipher.a(DashoA13*..) ~[na:1.6] at javax.crypto.Cipher.a(DashoA13*..) ~[na:1.6] at javax.crypto.Cipher.init(DashoA13*..) ~[na:1.6] at javax.crypto.Cipher.init(DashoA13*..) ~[na:1.6] at my.package.Something.decode(RC4Decoder.java:25) ~[my.package.jar:na] ... 5 common frames omitted
Solution
Most likely you don't have the unlimited strength file installed now.
You may need to download this file:
Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 8 Download (only required for versions before Java 8 u162)
Extract the jar files from the zip and save them in ${java.home}/jre/lib/security/
This is a code only solution. No need to download or mess with configuration files.
It's a reflection based solution, tested on java 8
Call this method once, early in your program.
//Imports import javax.crypto.Cipher; import java.lang.reflect.Constructor; import java.lang.reflect.Field; import java.lang.reflect.Modifier; import java.util.Map; //method public static void fixKeyLength() { String errorString = "Failed manually overriding key-length permissions."; int newMaxKeyLength; try { if ((newMaxKeyLength = Cipher.getMaxAllowedKeyLength("AES")) < 256) { Class c = Class.forName("javax.crypto.CryptoAllPermissionCollection"); Constructor con = c.getDeclaredConstructor(); con.setAccessible(true); Object allPermissionCollection = con.newInstance(); Field f = c.getDeclaredField("all_allowed"); f.setAccessible(true); f.setBoolean(allPermissionCollection, true); c = Class.forName("javax.crypto.CryptoPermissions"); con = c.getDeclaredConstructor(); con.setAccessible(true); Object allPermissions = con.newInstance(); f = c.getDeclaredField("perms"); f.setAccessible(true); ((Map) f.get(allPermissions)).put("*", allPermissionCollection); c = Class.forName("javax.crypto.JceSecurityManager"); f = c.getDeclaredField("defaultPolicy"); f.setAccessible(true); Field mf = Field.class.getDeclaredField("modifiers"); mf.setAccessible(true); mf.setInt(f, f.getModifiers() & ~Modifier.FINAL); f.set(null, allPermissions); newMaxKeyLength = Cipher.getMaxAllowedKeyLength("AES"); } } catch (Exception e) { throw new RuntimeException(errorString, e); } if (newMaxKeyLength < 256) throw new RuntimeException(errorString); // hack failed }
© Delthas
0 comments:
Post a Comment