AES加密限制文件解决方法

Java Security: Illegal key size or default parameters?

 

I had asked a question about this earlier, but it didn't get answered right and led nowhere. So I've clarified few details on the problem and I would really like to hear your ideas on how could I fix this or what should I try. I've Java 1.6.0.12 installed on my Linux server and the code bellow runs just perfectly. String key = "av45k1pfb024xa3bl359vsb4esortvks74sksr5oy4s5serondry84jsrryuhsr5ys49y5seri5shrdliheuirdygliurguiy5ru"; try { Cipher c = Cipher.getInstance("ARCFOUR"); SecretKeySpec secretKeySpec = new SecretKeySpec(key.getBytes("UTF-8"), "ARCFOUR"); c.init(Cipher.DECRYPT_MODE, secretKeySpec); return new String(c.doFinal(Hex.decodeHex(data.toCharArray())), "UTF-8"); } catch (InvalidKeyException e) { throw new CryptoException(e); } Today I installed Java 1.6.0.26 on my server user and when I try to run my application, I get the following exception. My guess would be that it has something to do with the Java installation configuration because it works in the first one, but doesn't work in the later version.. Caused by: java.security.InvalidKeyException: Illegal key size or default parameters at javax.crypto.Cipher.a(DashoA13*..) ~[na:1.6] at javax.crypto.Cipher.a(DashoA13*..) ~[na:1.6] at javax.crypto.Cipher.a(DashoA13*..) ~[na:1.6] at javax.crypto.Cipher.init(DashoA13*..) ~[na:1.6] at javax.crypto.Cipher.init(DashoA13*..) ~[na:1.6] at my.package.Something.decode(RC4Decoder.java:25) ~[my.package.jar:na] ... 5 common frames omitted Line 25 is: c.init(Cipher.DECRYPT_MODE, secretKeySpec); Notes: * java.security on server's 1.6.0.12 java directory match almost completely with the 1.6.0.26 java.security file. There are no additional providers in the first one. * the previous question is here. java share | improve this question asked  Jun 26 '11 at 1:40 Richards 2,187 2 30 61

Refer to How to install Java Cryptography Extension unlimited strength jurisdiction policy files –  Aniket Thakur  Sep 21 at 19:11  add a comment

7 Answers

active oldest votes

up vote 129 down vote accepted

Most likely you don't have the unlimited strength file installed now. You may need to download this file: Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 6 Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 7 Download Install the file in ${java.home}/jre/lib/security/. share | improve this answer edited Mar 10 at 8:26 pudaykiran 2,076 9 33 answered  Jun 26 '11 at 1:48 James Black 26.7k 3 38 87

Oh my, that did the trick! Thank you sooo much for this, i was scared I won't be able to upgrade to Java 7 when it comes out because of this. Haha. Thanks! :) –   Richards  Jun 26 '11 at 11:31 5   I wasted a lot of time on this problem. Thanks!!! –   Rahul  Jul 18 '11 at 7:05 Since these files go under the jre directory, if I use them for development, the end user will need them installed as well in order to run my application correct (ie: The unlimited strength is not compiled in)? –  wufoo  Apr 10 '12 at 15:04  @wufoo - Correct, the user has to have them also. –   James Black  Apr 10 '12 at 17:03 1   @aroth - Which version of the JDK are you using and which file did you install? –   James Black  Oct 24 '12 at 11:09 show 12 more comments

up vote 19 down vote	For JAVA 7 the download link is jce-7-download Copy the two downloaded jars in Java\jdk1.7.0_10\jre\lib\security Take a backup of older jars to be on safer side. share | improve this answer answered  Jan 9 '13 at 14:29 C Deepak 449 6 12
	add a comment

up vote 12 down vote	"Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 6" http://www.oracle.com/technetwork/java/javase/downloads/jce-6-download-429243.html share | improve this answer answered  Dec 22 '11 at 10:33 user665928 131 1 2
	add a comment

up vote 5 down vote	The JRE/JDK/Java 8 jurisdiction files can be found here: Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 8 Download Like James said above: Install the files in ${java.home}/jre/lib/security/. share | improve this answer edited 2 days ago     answered  Apr 23 at 21:11 Saad Malik 153 3 6
	add a comment

up vote 3 down vote

I experienced the same error while using Windows 7 x64, Eclipse, and JDK 1.6.0_30. In the JDK installation folder there is a jre folder. This threw me off at first as I was adding the aforementioned jars to the JDK's lib/security folder with no luck. Full path: C:\Program Files\Java\jdk1.6.0_30\jre\lib\security Download and extract the files contained in the jce folder of this archive into that folder. share | improve this answer edited Aug 29 at 13:46     answered  Mar 23 '12 at 18:34 bowmanb 650 1 5 15

add a comment

up vote 2 down vote	I also got the issue but after replacing existing one with the downloaded (from JCE) one resolved the issue. New crypto files provided unlimited strength. share | improve this answer answered  Dec 15 '11 at 6:44 Dev G 380 5 18
	add a comment

up vote 2 down vote	There's a short discussion of what appears to be this issue here. The page it links to appears to be gone, but one of the responses might be what you need: Indeed, copying US_export_policy.jar and local_policy.jar from core/lib/jce to $JAVA_HOME/jre/lib/security helped. Thanks. share | improve this answer edited Apr 28 at 3:24 jww 12k 10 45 107 answered  Jun 26 '11 at 1:47 RHSeeger 9,363 1 28 34
	Thanks, but I had US_export_policy.jar and local_policy.jar in my lib/security folder already once I installed Java.. And I couldn't find core/lib/jce by the way in my Java installation folder. –   Richards  Jun 26 '11 at 11:20 add a comment

Your Answer

转自：http://stackoverflow.com/questions/6481627/java-security-illegal-key-size-or-default-parameters