I had asked a question about this earlier, but it didn't get answered right and led nowhere.
So I've clarified a few details on the problem, and I would really like to hear your ideas on how I could fix this or what I should try.
I have Java 1.6.0.12 installed on my Linux server and the code below runs just perfectly.
    String key = "av45k1pfb024xa3bl359vsb4esortvks74sksr5oy4s5serondry84jsrryuhsr5ys49y5seri5shrdliheuirdygliurguiy5ru";
    try {
        Cipher c = Cipher.getInstance("ARCFOUR");
        SecretKeySpec secretKeySpec = new SecretKeySpec(key.getBytes("UTF-8"), "ARCFOUR");
        c.init(Cipher.DECRYPT_MODE, secretKeySpec);
        return new String(c.doFinal(Hex.decodeHex(data.toCharArray())), "UTF-8");
    } catch (InvalidKeyException e) {
        throw new CryptoException(e);
    }
Today I installed Java 1.6.0.26 on my server user and when I try to run my application, I get the following exception. My guess would be that it has something to do with the Java installation configuration because it works in the first one, but doesn't work in the later version.
    Caused by: java.security.InvalidKeyException: Illegal key size or default parameters
        at javax.crypto.Cipher.a(DashoA13*..) ~[na:1.6]
        at javax.crypto.Cipher.a(DashoA13*..) ~[na:1.6]
        at javax.crypto.Cipher.a(DashoA13*..) ~[na:1.6]
        at javax.crypto.Cipher.init(DashoA13*..) ~[na:1.6]
        at javax.crypto.Cipher.init(DashoA13*..) ~[na:1.6]
        at my.package.Something.decode(RC4Decoder.java:25) ~[my.package.jar:na]
        ... 5 common frames omitted
Line 25 is:
    c.init(Cipher.DECRYPT_MODE, secretKeySpec);
Notes:
* java.security on server's 1.6.0.12 java directory matches almost completely with the 1.6.0.26 java.security file. There are no additional providers in the first one.
* The previous question is here.
The JRE/JDK/Java 8 jurisdiction files can be found here:
Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 8 Download
Like James said above:
Install the files in ${java.home}/jre/lib/security/.
By default, Java only supports AES 128 bit (16 bytes) key sizes for encryption. If you do not need more than default supported, you can trim the key to the proper size before using Cipher. See javadoc for default supported keys.
This is an example of generating a key that would work with any JVM version without modifying the policy files. Use at your own discretion.
Here is a good article on whether 128 to 256 key sizes matter, on the AgileBits Blog.
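As an added example (not code from the question or from any answer here), this Java diagnostic can be run under each JRE to show which installation is in use, what key size its jurisdiction policy allows, and whether Cipher.init accepts a long key. The class name PolicyCheck and the 100-byte sample key are constructed for illustration.

```java
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;

// Added example; PolicyCheck and the sample key are constructed for illustration.
public class PolicyCheck {

    /** Largest key size in bits the installed jurisdiction policy allows. */
    static String maxBits(String algorithm) throws GeneralSecurityException {
        int max = Cipher.getMaxAllowedKeyLength(algorithm);
        return max == Integer.MAX_VALUE ? "unlimited" : String.valueOf(max);
    }

    /** True if Cipher.init accepts a key of this size for the algorithm. */
    static boolean initAccepts(String algorithm, byte[] key) throws GeneralSecurityException {
        try {
            // The cipher is only initialised to exercise the policy check; nothing is decrypted.
            Cipher c = Cipher.getInstance(algorithm);
            c.init(Cipher.DECRYPT_MODE, new SecretKeySpec(key, algorithm));
            return true;
        } catch (InvalidKeyException e) {
            // "Illegal key size or default parameters" is raised here.
            return false;
        }
    }

    public static void main(String[] args) throws Exception {
        // Constructed 100-byte (800-bit) key, standing in for a long string key.
        byte[] longKey = new byte[100];
        Arrays.fill(longKey, (byte) 'k');

        // Confirms which JRE is actually running the application.
        System.out.println("java.home    = " + System.getProperty("java.home"));
        System.out.println("java.version = " + System.getProperty("java.version"));
        System.out.println("ARCFOUR max key bits = " + maxBits("ARCFOUR"));
        System.out.println("AES max key bits     = " + maxBits("AES"));

        System.out.println("ARCFOUR, 800-bit key: " + initAccepts("ARCFOUR", longKey));
        System.out.println("AES, 256-bit key:     " + initAccepts("AES", Arrays.copyOf(longKey, 32)));
        // A trimmed key always fits the default policy, but it is a different key:
        // data encrypted under the full-length key will not decrypt with it.
        System.out.println("ARCFOUR, 128-bit key: " + initAccepts("ARCFOUR", Arrays.copyOf(longKey, 16)));
    }
}
```

Run it with the same java binary and the same user as the application. A result of "unlimited" means the unlimited-strength policy jars are the ones in effect for that JRE.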
There are two options to solve this issue:
Option number 1: use a certificate with a shorter length, RSA 2048.
Option number 2: update the two jars in jre\lib\security, whichever Java you use: http://www.oracle.com/technetwork/java/javase/downloads/jce-6-download-429243.html or, if you use IBM WebSphere or any application server that uses its own Java. The main problem that I faced was that I used a certificate with the maximum length, and when I deployed EARs on WebSphere the same exception was thrown.
I updated the Java installation folder in WebSphere with the two jars: https://www14.software.ibm.com/webapp/iwm/web/reg/pick.do?source=jcesdk&lang=en_US
You can check the reference at this link: https://www-01.ibm.com/support/docview.wss?uid=swg21663373
There's a short discussion of what appears to be this issue here. The page it links to appears to be gone, but one of the responses might be what you need:
The default JDK supports encryption only through 128-bit keys because of American restrictions. So to support encryption from a 256-bit-long key we have to replace local_policy.jar and US_export_policy.jar in the $JAVA_HOME/java-8-oracle/jre/lib/security folder, otherwise it will give:
Both jars and the detailed concept can be understood from the link: easybook4u.com
I also got the issue, but replacing the existing one with the downloaded (from JCE) one resolved the issue. The new crypto files provided unlimited strength.