java中使用AES對稱加密後,請求報錯:
Caused by: java.lang.RuntimeException: java.security.InvalidKeyException: Illegal key size or default parameters
at com.btzh.util.AESUtil.encrypt(AESUtil.java:18)
at com.btzh.service.impl.SiThirdSystemServiceImpl.mapSystemParams(SiThirdSystemServiceImpl.java:32)
at com.btzh.resource.SiThirdSystemResource.mapSystemParams(SiThirdSystemResource.java:41)
... 43 common frames omitted
Caused by: java.security.InvalidKeyException: Illegal key size or default parameters
at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1026)
at javax.crypto.Cipher.implInit(Cipher.java:801)
at javax.crypto.Cipher.chooseProvider(Cipher.java:864)
at javax.crypto.Cipher.init(Cipher.java:1249)
at javax.crypto.Cipher.init(Cipher.java:1186)
at com.btzh.util.AESUtil.encrypt(AESUtil.java:15)
原因是美國的出口限制,Sun通過權限文件(local_policy.jar、US_export_policy.jar)做了相應限制。密鑰長度最大128,對於需要更大長度的場景則會拋出上面異常。
解決辦法是下載Oracle官方網站上的無政策限制權限文件,下載鏈接:
jdk8:https://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html
下載後將%JAVA_HOME%\jre\lib\security
中的local_policy.jar
和US_export_policy.jar
替換爲下載包中的的local_policy.jar
和US_export_policy.jar
。