org.apache.xml.security.encryption.XMLEncryptionException: Illegal key size or default parameters
Hi when i am trying to add securement Encryption Sym Algorithm in spring ws configuration it is giving following exception :
Caused by: org.apache.ws.security.WSSecurityException: Cannot encrypt data; nested exception is:
org.apache.xml.security.encryption.XMLEncryptionException: Illegal key size or default parameters
Original Exception was java.security.InvalidKeyException: Illegal key size or default parameters
at org.apache.ws.security.message.WSSecEncrypt.doEncryption(WSSecEncrypt.java:599)
at org.apache.ws.security.message.WSSecEncrypt.doEncryption(WSSecEncrypt.java:459)
at org.apache.ws.security.message.WSSecEncrypt.encryptForInternalRef(WSSecEncrypt.java:348)
at org.apache.ws.security.message.WSSecEncrypt.build(WSSecEncrypt.java:309)
at org.apache.ws.security.action.EncryptionAction.execute(EncryptionAction.java:62)
... 20 more
Caused by: org.apache.xml.security.encryption.XMLEncryptionException: Illegal key size or default parameters
Original Exception was java.security.InvalidKeyException: Illegal key size or default parameters
at org.apache.xml.security.encryption.XMLC开发者_JS百科ipher.encryptData(Unknown Source)
at org.apache.xml.security.encryption.XMLCipher.encryptData(Unknown Source)
at org.apache.xml.security.encryption.XMLCipher.encryptElement(Unknown Source)
at org.apache.xml.security.encryption.XMLCipher.doFinal(Unknown Source)
at org.apache.ws.security.message.WSSecEncrypt.doEncryption(WSSecEncrypt.java:593)
... 24 more
Does this help?: http://blog.rampartfaq.com/2009/08/faq-001-javasecurityinvalidkeyexception.html
You need to patch your JDK with Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files.
After Updating the JDK library with "Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 6" the problem was resolved.
you can download library from http://www.oracle.com/technetwork/java/javase/downloads/jce-6-download-429243.html
This is pretty old question(Links in the answers are either not working or does not provide details for latest java versions).
I faced the issue recently and would like to add more details.
Root Cause: Java 8 and earlier versions does not support keys with 256-bit AES encryption by default; only 128-bit AES encryption is supported.
Solution: Issue can be resolved by installing the Oracle Java JCE unlimited strength jars. Follow the link to download the jars for Java 8 and earlier versions: Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files.
Jar files are available for Java versions 6, 7 and 8.
Download the zip file by accepting license agreement, unzip it and copy these jar files to $JAVA_HOME/jre/lib/security/ directory. Restart application, if running already, for the jars to take effect.
Java 9 and later uses the unlimited policy files by default.
精彩评论