我使用OpenJDK JRE加密并存储了一些数据到数据库中,并且在从数据库检索时也成功地使用OpenJDK解密。
今天我用Sun的JRE替换了OpenJDK JRE,现在当我试图解密旧的(OpenJDK加密的)数据时,我得到以下异常:
java.security.InvalidKeyException: Illegal key size or default parameters
at javax.crypto.Cipher.a(DashoA13*..)
at javax.crypto.Cipher.a(DashoA13*..)
at javax.crypto.Cipher.a(DashoA13*..)
at javax.crypto.Cipher.init(DashoA13*..)
at javax.crypto.Cipher.init(DashoA13*..)
异常出现在第14行:
// Decrypts the given ciphertext with the given password
public String decrypt(String ciphertext, String password)
throws FailedCryptOperationException {
String plaintext = "";
byte[] ciphertext_bytes = decode(ciphertext);
try {
byte[] salt = decode(SALT_BASE64);
SecretKeyFactory factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1"); //$NON-NLS-1$
KeySpec spec = new PBEKeySpec(password.toCharArray(), salt, 1024, 256);
SecretKey tmp = factory.generateSecret(spec);
SecretKey secret = new SecretKeySpec(tmp.getEncoded(), "AES");
Cipher cipher = Cipher.getInstance("AES");
cipher.init(Cipher.DECRYPT_MODE, secret);
plaintext = new String(cipher.doFinal(ciphertext_bytes), TEXT_FORMAT);
} catch (Exception e) {
throw new FailedCryptOperationException(e);
}
return plaintext;
}
// Does Base64 decoding
public byte[] decode(String text) throws FailedCryptOperationException {
byte[] res;
BASE64Decoder decoder = new BASE64Decoder();
try {
res = decoder.decodeBuffer(text);
} catch (IOException e) {
throw new FailedCryptOperationException(e);
}
return res;
}
这一行:
cipher.init(Cipher.DECRYPT_MODE, secret);
原来的Sun JRE在这里做了一些不同的事情吗?如果是,我该如何解决这个问题?如果没有,那是什么问题?
我认为您需要Java Unlimited JCE扩展。
下载并安装安全策略文件(替换已安装的文件),并将其复制到/lib/security
下的JDK和JRE中。
链接在下载站点Java Downloads