Record the problems that occur when connecting to the WeChat interface. When decrypting WeChat messages, an error is reported. It is normal to decrypt locally, but when deployed to the server for decryption, an error will be reported.
error message
java.security.InvalidKeyException: Illegal key size
at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1039)
at javax.crypto.Cipher.implInit(Cipher.java:805)
at javax.crypto.Cipher.chooseProvider(Cipher.java:864)
at javax.crypto.Cipher.init(Cipher.java:1396)
at javax.crypto.Cipher.init(Cipher.java:1327)
at qq.weixin.mp.aes.WXBizMsgCrypt.decrypt(WXBizMsgCrypt.java:162)
at qq.weixin.mp.aes.WXBizMsgCrypt.decryptMsg(WXBizMsgCrypt.java:267)
at com.xxx.util.MessageUtil.buildMsg4Receive(MessageUtil.java:228)
at com.xxx.util.RocketMQMessageUtil.wechatInfo4Xml(RocketMQMessageUtil.java:181)
at com.xxx.util.RocketMQMessageUtil.put2RocketWorkQueue(RocketMQMessageUtil.java:45)
at com.xxx.wechat.controller.WechatMessageController.wechatMessagePost(WechatMessageController.java:154)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:189)
at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:138)
at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:102)
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:895)
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:800)
at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:87)
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1038)
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:942)
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1005)
at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:908)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:681)
at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:882)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:764)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at com.alibaba.druid.support.http.WebStatFilter.doFilter(WebStatFilter.java:123)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.springframework.boot.web.servlet.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:130)
at org.springframework.boot.web.servlet.support.ErrorPageFilter.access$000(ErrorPageFilter.java:66)
at org.springframework.boot.web.servlet.support.ErrorPageFilter$1.doFilterInternal(ErrorPageFilter.java:105)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.springframework.boot.web.servlet.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:123)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:200)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:197)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:543)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:135)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:698)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:367)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:639)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:882)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1647)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191)
at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:748)
Why is there such an error?
When we do Java development or Android development, we will first install JDK (Java Development Kit) on the computer and configure environment variables. JDK is the software development kit of Java language. JDK contains JRE (Java Runtime Environment, namely: Java runtime environment), JRE includes the Java Virtual Machine (Java Virtual Machine), Java core class library and supporting files, and the protagonist we are going to talk about today is in the Java core class library. There is a JCE (Java Cryptography Extension) in Java's core class library. JCE is a set of packages that provide the framework and implementation for encryption, key generation and negotiation, and Message Authentication Code (MAC) algorithm, so this is the implementation An important class library for encryption and decryption.
There is such a folder under the JRE directory we installed: %JAVE_HOME%\jre\lib\security (%JAVE_HOME% is the Java path of your computer, the first version defaults to: C:\Program Files\Java, depending on your time What is the path selected when installing JDK and JRE), which contains two . The class library (the class library encapsulated by Sun's program Daniel, for programmers who use Java development), these two jar packages are the core class libraries in our JCE. The "local_policy.jar" and "US_export_policy.jar" that come with JRE are encryption algorithms that support 128-bit keys, but when we want to use 256-bit key algorithms, it is beyond its scope and cannot be supported. Will report: "java.security.InvalidKeyException: Illegal key size or default parameters" exception.
The above reason description is copied from: https://blog.csdn.net/dling8/article/details/84061948
solve
Go to the official download JCE unlimited authority policy file
JDK6: http://www.oracle.com/technetwork/java/javase/downloads/jce-6-download-429243.html
Download address of JDK7: http://www.oracle.com/technetwork/java/javase/downloads/jce-7-download-432124.html
Download address of JDK8: http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html
Here we take JDK1.8 as an example, enter the download page, and select to download (registration is required if you do not have an Oracle account)
After decompressing the file, the file structure is as follows
After downloading and decompressing, you can see local_policy.jar and US_export_policy.jar and readme.txt
If JRE is installed, put the two jar files in the %JRE_HOME%\lib\security directory to overwrite the original files
If JDK is installed, put the two jar files in the %JDK_HOME%\jre\lib\security directory to overwrite the original files
Concrete operation
After the replacement is complete, restart tomcat