Decryption error when receiving WeChat encrypted messages - java.security.InvalidKeyException: Illegal key size (local decryption works, server decryption fails)

This is a record of a problem encountered when integrating with the WeChat interface: decrypting WeChat messages throws an error. Decryption works locally, but fails once the application is deployed to the server.

Error message

java.security.InvalidKeyException: Illegal key size
	at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1039)
	at javax.crypto.Cipher.implInit(Cipher.java:805)
	at javax.crypto.Cipher.chooseProvider(Cipher.java:864)
	at javax.crypto.Cipher.init(Cipher.java:1396)
	at javax.crypto.Cipher.init(Cipher.java:1327)
	at qq.weixin.mp.aes.WXBizMsgCrypt.decrypt(WXBizMsgCrypt.java:162)
	at qq.weixin.mp.aes.WXBizMsgCrypt.decryptMsg(WXBizMsgCrypt.java:267)
	at com.xxx.util.MessageUtil.buildMsg4Receive(MessageUtil.java:228)
	at com.xxx.util.RocketMQMessageUtil.wechatInfo4Xml(RocketMQMessageUtil.java:181)
	at com.xxx.util.RocketMQMessageUtil.put2RocketWorkQueue(RocketMQMessageUtil.java:45)
	at com.xxx.wechat.controller.WechatMessageController.wechatMessagePost(WechatMessageController.java:154)
	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
	at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.lang.reflect.Method.invoke(Method.java:498)
	at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:189)
	at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:138)
	at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:102)
	at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:895)
	at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:800)
	at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:87)
	at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1038)
	at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:942)
	at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1005)
	at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:908)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:681)
	at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:882)
	at javax.servlet.http.HttpServlet.service(HttpServlet.java:764)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at com.alibaba.druid.support.http.WebStatFilter.doFilter(WebStatFilter.java:123)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.springframework.boot.web.servlet.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:130)
	at org.springframework.boot.web.servlet.support.ErrorPageFilter.access$000(ErrorPageFilter.java:66)
	at org.springframework.boot.web.servlet.support.ErrorPageFilter$1.doFilterInternal(ErrorPageFilter.java:105)
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
	at org.springframework.boot.web.servlet.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:123)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:200)
	at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:197)
	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97)
	at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:543)
	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:135)
	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
	at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:698)
	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78)
	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:367)
	at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:639)
	at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
	at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:882)
	at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1647)
	at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
	at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191)
	at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
	at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
	at java.lang.Thread.run(Thread.java:748)

Why is there such an error?

When we do Java or Android development, we first install the JDK (Java Development Kit) on the computer and configure environment variables. The JDK is the software development kit for the Java language. It contains the JRE (Java Runtime Environment), which includes the Java Virtual Machine, the Java core class library and supporting files. The protagonist of today's discussion lives in the Java core class library: the JCE (Java Cryptography Extension). JCE is a set of packages that provide the framework and implementations for encryption, key generation and key agreement, and Message Authentication Code (MAC) algorithms, so it is an important class library for implementing encryption and decryption.

Under the installed JRE directory there is a folder %JAVA_HOME%\jre\lib\security (%JAVA_HOME% is the Java path on your computer; the default is generally C:\Program Files\Java, depending on the path you chose when installing the JDK and JRE). It contains two jar packages (class libraries packaged by Sun's expert programmers for developers who use Java), and these two jar packages are the core class libraries of JCE. The "local_policy.jar" and "US_export_policy.jar" that ship with the JRE support encryption algorithms with 128-bit keys; when we want to use an algorithm with a 256-bit key, that is beyond their limit and is not supported, and the exception "java.security.InvalidKeyException: Illegal key size or default parameters" is reported.

The above reason description is copied from: https://blog.csdn.net/dling8/article/details/84061948

Solution

Download the JCE unlimited strength policy files from the official Oracle site:

JDK5: http://www.oracle.com/technetwork/java/javasebusiness/downloads/java-archive-downloads-java-plat-419418.html#jce_policy-1.5.0-oth-JPR

JDK6: http://www.oracle.com/technetwork/java/javase/downloads/jce-6-download-429243.html

JDK7: http://www.oracle.com/technetwork/java/javase/downloads/jce-7-download-432124.html

JDK8: http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html

Here we take JDK1.8 as an example: open the download page and download the file (registration is required if you do not have an Oracle account).

After downloading and decompressing the file, you can see local_policy.jar, US_export_policy.jar and readme.txt.

If the JRE is installed, put the two jar files in the %JRE_HOME%\lib\security directory, overwriting the original files.

If the JDK is installed, put the two jar files in the %JDK_HOME%\jre\lib\security directory, overwriting the original files.

Concrete operation

After the replacement is complete, restart Tomcat.
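
To confirm which policy the server's JRE actually enforces, before and after replacing the jars, the following diagnostic can be run with the same java binary that starts Tomcat. It is an added example, not code from the original post or from the WeChat SDK; the class name JcePolicyCheck, the AES/CBC/NoPadding transformation and the all-zero key and IV are assumptions made for illustration.

```java
import java.security.GeneralSecurityException;
import java.security.Security;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

// Added diagnostic (hypothetical class name): reports the JCE key-size limit
// of the JRE it runs on, which may differ between a local machine and a server.
public class JcePolicyCheck {

    // Maximum AES key length, in bits, permitted by the installed policy files.
    static int maxAesKeyBits() throws GeneralSecurityException {
        return Cipher.getMaxAllowedKeyLength("AES");
    }

    // Repeats the step that fails in the stack trace: Cipher.init with a 256-bit key.
    // The all-zero key and IV are constructed sample values, not real secrets.
    static boolean canInitAes256() {
        try {
            byte[] key = new byte[32]; // 256-bit key
            byte[] iv = new byte[16];  // one AES block
            Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding"); // assumed transformation
            cipher.init(Cipher.DECRYPT_MODE, new SecretKeySpec(key, "AES"), new IvParameterSpec(iv));
            return true;
        } catch (GeneralSecurityException e) {
            System.out.println("init failed: " + e);
            return false;
        }
    }

    public static void main(String[] args) throws GeneralSecurityException {
        String home = System.getProperty("java.home");
        System.out.println("java.version  = " + System.getProperty("java.version"));
        System.out.println("java.home     = " + home);
        // Security property read by newer JDK 8 updates to select the policy; null when not set.
        System.out.println("crypto.policy = " + Security.getProperty("crypto.policy"));

        int bits = maxAesKeyBits();
        System.out.println("max AES bits  = " + (bits == Integer.MAX_VALUE ? "unlimited" : String.valueOf(bits)));
        System.out.println("AES-256 init  = " + canInitAes256());
        if (bits < 256) {
            // Limited policy: this JRE still uses the default 128-bit policy jars.
            System.out.println("Replace the policy jars under " + home + "/lib/security");
            System.exit(1);
        }
    }
}
```

If the printed java.home is not the directory where the jars were replaced, Tomcat is running on a different JRE than the one that was patched.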

Origin blog.csdn.net/weixin_52116015/article/details/130845894