Preface


This article documents a problem encountered in a production deployment: the restrictions imposed by the JDK 8 encryption and decryption policy.

First, the problem


AES encryption and decryption fails with an exception:

java.security.InvalidKeyException: Illegal key size

This is due to import restrictions in some countries. JDK versions prior to JDK 8u151 limited the maximum key length of some encryption algorithms. For example, AES encryption and decryption with 256-bit keys is not allowed by default. If the key length exceeds the limit, an exception is thrown.

I then wondered why this problem did not occur locally but only on the server, so I compared the two policy JAR files on my local machine with the two on the server.

On Windows, in JAVA_HOME/jre/lib/security, and on Mac, in JAVA_HOME/jre/lib/security/policy, there are two JAR files: local_policy.jar and US_export_policy.jar.

It turns out there is a restricted version and an unrestricted version of these files. My local environment was not subject to the JceSecurity limits and allowed the AES encryption algorithm to be used, but the server had the restricted version bundled with Java, which is why I ran into this problem when migrating to the server.
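To confirm which policy a given JVM is actually running under, the small probe below can be run on both the local machine and the server. It is an added example, not code from the original article; the class name `JcePolicyCheck` and the `--unlimited` flag are hypothetical, and the `crypto.policy` security property it sets only exists on JDK 8u151 and later.

```java
import java.nio.charset.StandardCharsets;
import java.security.InvalidKeyException;
import java.security.Security;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

public class JcePolicyCheck {

    /** True when the active policy files cap AES below 256 bits. */
    static boolean isRestricted() throws Exception {
        // 128 under the limited policy, Integer.MAX_VALUE under the unlimited one.
        return Cipher.getMaxAllowedKeyLength("AES") < 256;
    }

    /** Reproduces the failure: init() rejects a 256-bit key under the limited policy. */
    static boolean canUseAes256() throws Exception {
        byte[] key = new byte[32]; // constructed all-zero probe key, never use for real data
        byte[] iv = new byte[16];  // constructed all-zero IV, probe only
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        try {
            cipher.init(Cipher.ENCRYPT_MODE,
                    new SecretKeySpec(key, "AES"), new IvParameterSpec(iv));
            cipher.doFinal("probe".getBytes(StandardCharsets.UTF_8));
            return true;
        } catch (InvalidKeyException e) {
            // This is the "Illegal key size" case from the stack trace above.
            return false;
        }
    }

    public static void main(String[] args) throws Exception {
        // Hypothetical flag: on 8u151+ the policy can be selected in code, but only
        // if the property is set before the JCE framework is first used.
        if (args.length > 0 && args[0].equals("--unlimited")) {
            Security.setProperty("crypto.policy", "unlimited");
        }
        System.out.println("java.version       = " + System.getProperty("java.version"));
        System.out.println("java.home          = " + System.getProperty("java.home"));
        System.out.println("max AES key length = " + Cipher.getMaxAllowedKeyLength("AES"));
        System.out.println("policy restricted  = " + isRestricted());
        System.out.println("AES-256 usable     = " + canUseAes256());
    }
}
```

Printing `java.home` shows which installation's policy JARs are in effect, which matters when the server has several JDKs installed.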

Second, the solution

Replace local_policy.jar and US_export_policy.jar with the unrestricted versions. The JCE unrestricted policy files can be downloaded from the official website:

JDK6 download address: http://www.oracle.com/technetwork/java/javase/downloads/jce-6-download-429243.html
JDK7 download address: http://www.oracle.com/technetwork/java/javase/downloads/jce-7-download-432124.html
JDK8 download address: http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html


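One-click install script

# Prerequisites: yum -y install curl unzip
# Download the JDK 8 policy archive (the cookie accepts the Oracle license).
# The archive is fetched over plain HTTP; check it against a checksum from a
# trusted source before relying on the extracted JARs.
curl -q -L -C - -b "oraclelicense=accept-securebackup-cookie" -o /tmp/jce_policy-8.zip \
http://download.oracle.com/otn-pub/java/jce/8/jce_policy-8.zip \
&& unzip -oj -d "${JAVA_HOME}/jre/lib/security" /tmp/jce_policy-8.zip \*/\*.jar \
&& rm /tmp/jce_policy-8.zip
# unzip -o overwrites the existing local_policy.jar and US_export_policy.jar;
# -j drops the archive's directory prefix so the JARs land directly in security/.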