简介: java中使用AES对称加密后,请求报错: Caused by: java.lang.RuntimeException: java.security.InvalidKeyException: Illegal key size or default parameters at com.
Caused by: java.lang.RuntimeException: java.security.InvalidKeyException: Illegal key size or default parameters at com.btzh.util.AESUtil.encrypt(AESUtil.java:18) at com.btzh.service.impl.SiThirdSystemServiceImpl.mapSystemParams(SiThirdSystemServiceImpl.java:32) at com.btzh.resource.SiThirdSystemResource.mapSystemParams(SiThirdSystemResource.java:41) ... 43 common frames omitted Caused by: java.security.InvalidKeyException: Illegal key size or default parameters at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1026) at javax.crypto.Cipher.implInit(Cipher.java:801) at javax.crypto.Cipher.chooseProvider(Cipher.java:864) at javax.crypto.Cipher.init(Cipher.java:1249) at javax.crypto.Cipher.init(Cipher.java:1186) at com.btzh.util.AESUtil.encrypt(AESUtil.java:15)
原因是美国的出口限制,Sun通过权限文件(local_policy.jar、US_export_policy.jar)做了相应限制。密钥长度最大128,对于需要更大长度的场景则会抛出上面异常。
解决办法是下载Oracle官方网站上的无政策限制权限文件,下载链接:
jdk8:https://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html
下载后将%JAVA_HOME%jrelibsecurity中的local_policy.jar 和US_export_policy.jar替换为下载包中的的local_policy.jar 和US_export_policy.jar。
在CentOs 7.6环境查看jdk安装目录
在/usr/java/jdk1.8.0_131/jre/lib/security下替换local_policy.jar和US_export_policy.jar