Caused by: java.security.InvalidKeyException: Illegal key size or default parameters
Posted 遥望星空
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了Caused by: java.security.InvalidKeyException: Illegal key size or default parameters相关的知识,希望对你有一定的参考价值。
How to remove the key size restriction in Java JDK?
Are you developing your beautiful application using the Java Cryptography Extension, and using a key length of more than 128 bits you encounter the following error?
Caused by: java.security.InvalidKeyException: Illegal key size or default parameters
There is nothing wrong that you are doing: JDK has a deliberate key size restriction by default, so you cannot use an encryption with key more than 128 bits.
From Oracle’s documentation:
Due to import control restrictions by the governments of a few countries, the jurisdiction policy files shipped with the JDK 5.0 from Sun Microsystems specify that “strong” but limited cryptography may be used.
Some countries have restrictions on the permitted key strength used in encryption algorithms:
An “unlimited strength” version of these files indicating no restrictions on cryptographic strengths is available for those living in eligible countries (which is most countries). But only the “strong” version can be imported into those countries whose governments mandate restrictions. The JCE framework will enforce the restrictions specified in the installed jurisdiction policy files.
How to remove the key size restriction?
You can remove the maximum key restriction by replacing the existing JCE jars with unlimited strength policy jars.
- For JAVA 7 the download link is jce-7-download
- For JAVA 8 the download link is jce-8-download
Copy local_policy.jar and US_export_policy.jar extracted from above zip file to the $JAVA_HOME/jre/lib/security
Then simply restart you java application and the Exception should be gone.
from:https://www.andreafortuna.org/java/java-tips-how-to-fix-the-invalidkeyexception-illegal-key-size-or-default-parameters-runtime/
如果不方便覆盖文件,可以在代码中通过反射修改,在main中调用一下方法就Ok了:
/**
* 去除JCE限制
*/
private static void removeJceLimit()
{
//去除JCE加密限制,只限于Java1.8
try {
Field field = Class.forName("javax.crypto.JceSecurity").getDeclaredField("isRestricted");
field.setAccessible(true);
Field modifiersField = Field.class.getDeclaredField("modifiers");
modifiersField.setAccessible(true);
modifiersField.setInt(field, field.getModifiers() & ~Modifier.FINAL);
field.set(null, false);
LOGGER.info("============= remove the key size restriction Success =============");
} catch (ClassNotFoundException | NoSuchFieldException | SecurityException | IllegalArgumentException | IllegalAccessException ex) {
ex.printStackTrace(System.err);
}
}
以上是关于Caused by: java.security.InvalidKeyException: Illegal key size or default parameters的主要内容,如果未能解决你的问题,请参考以下文章
Caused by: java.security.InvalidKeyException: Illegal key size
Caused by: java.security.InvalidKeyException: Illegal key size or default parameters
Caused by: java.security.PrivilegedActionException: com.sun.xml.bind.v2.runtime.IllegalAnnotationsEx
Mybatis-Caused by: java.security.cert.CertPathValidatorException: Path does not chain with any of th
Mybatis-Caused by: java.security.cert.CertPathValidatorException: Path does not chain with any of th
Mybatis-Caused by: java.security.cert.CertPathValidatorException: Path does not chain with any of th