Back

Explore Courses Blog Tutorials Interview Questions
0 votes
1 view
in Java by (4k points)

I had asked a question about this earlier, but it didn't get answered right and led nowhere.

So I've clarified a few details on the problem and I would really like to hear your ideas on how could I fix this or what should I try.

I have Java 1.6.0.12 installed on my Linux server and the code below runs just perfectly.

String key = "av45k1pfb024xa3bl359vsb4esortvks74sksr5oy4s5serondry84jsrryuhsr5ys49y5seri5shrdliheuirdygliurguiy5ru";

try {

    Cipher c = Cipher.getInstance("ARCFOUR");

    SecretKeySpec secretKeySpec = new SecretKeySpec(key.getBytes("UTF-8"), "ARCFOUR");

    c.init(Cipher.DECRYPT_MODE, secretKeySpec);

    return new String(c.doFinal(Hex.decodeHex(data.toCharArray())), "UTF-8");

} catch (InvalidKeyException e) {

    throw new CryptoException(e);

}

Today I installed Java 1.6.0.26 on my server user and when I try to run my application, I get the following exception. My guess would be that it has something to do with the Java installation configuration because it works in the first one, but doesn't work in the later version.

Caused by: java.security.InvalidKeyException: Illegal key size or default parameters

    at javax.crypto.Cipher.a(DashoA13*..) ~[na:1.6]

    at javax.crypto.Cipher.a(DashoA13*..) ~[na:1.6]

    at javax.crypto.Cipher.a(DashoA13*..) ~[na:1.6]

    at javax.crypto.Cipher.init(DashoA13*..) ~[na:1.6]

    at javax.crypto.Cipher.init(DashoA13*..) ~[na:1.6]

    at my.package.Something.decode(RC4Decoder.java:25) ~[my.package.jar:na]

    ... 5 common frames omitted

Line 25 is: c.init(Cipher.DECRYPT_MODE, secretKeySpec);

Notes:

* java.security on server's 1.6.0.12 java directory matches almost completely with the 1.6.0.26 java.security file. There are no additional providers in the first one.

2 Answers

0 votes
by (46k points)

Most expected you don't hold the unlimited strength file installed presently.

You may require to download this file:

Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 6

Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 7 Download

Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 8 Download (only required for versions before Java 8 u162)

Extract the jar files from the zip and save them in ${java.home}/jre/lib/security/.

0 votes
by (108k points)

Starting from Java 9 or 8u151, you can utilize comment a line in the file:

<JAVA_HOME>/jre/lib/security/java.security

And just change:

#crypto.policy=unlimited

to

crypto.policy=unlimited

Related questions

0 votes
1 answer
0 votes
1 answer
0 votes
1 answer

Browse Categories

...