Caused by: org.apache.ws.security.WSSecurityException: Cannot encrypt data; nested exception is:Root Cause :
org.apache.xml.security.encryption.XMLEncryptionException: Illegal key size or default parameters
Original Exception was java.security.InvalidKeyException: Illegal key size or default parameters
at org.apache.ws.security.message.WSSecEncrypt.doEncryption(WSSecEncrypt.java:567)
at org.apache.ws.security.message.WSSecEncrypt.doEncryption(WSSecEncrypt.java:454)
at org.apache.ws.security.message.WSSecEncrypt.encryptForInternalRef(WSSecEncrypt.java:351)
at org.apache.rampart.builder.AsymmetricBindingBuilder.doSignBeforeEncrypt(AsymmetricBindingBuilder.java:530)
... 12 more
There are key size restrictions with the default JDK comes with - which limits it to 128.
If your security policy uses a key size larger than this - then the above exception is thrown.
For example - if your security policy specifies the algorithemic suite as Basic256 - then the key size to be used is 256.
Solution :
You need to patch your JDK with Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files.
For JDK 1.5 download those from here and copy the two jar files from the extracted jce directory (local_policy.jar and US_export_policy.jar) to $JAVA_HOME/jre/lib/security.
For JDK 1.6, policy files can be downloaded from here.
Notes :
If you are running your client through an IDE - and you still gets the above error after applying the provided solution - double check the JAVA_HOME set in the corresponding IDE - and need to patch that corresponding JDK.
3 comments:
Thanks for the Clear Description and it is timely Helpful.Thanks a lot.
i got the same exception after doing the suggested thing by you we got this error
javax.crypto.BadPaddingException: Given final block not properly padded
please help us.
Hi Prabath,
Spot On!!
Patching the JDK and restarting the Service did solve the issue!! :)
Thanks a lot.
Thanks and Regards,
Harshana
Post a Comment