Decryption error when receiving WeChat encrypted messages: java.security.InvalidKeyException: Illegal key size (local decryption works, server decryption fails)

A note on a problem encountered while connecting to the WeChat interface: an error is reported when decrypting a WeChat message. Decryption works normally on the local machine, but the error appears once the application is deployed to the server.

Error message

java.security.InvalidKeyException: Illegal key size
at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1039)
at javax.crypto.Cipher.implInit(Cipher.java:805)
at javax.crypto.Cipher.chooseProvider(Cipher.java:864)
at javax.crypto.Cipher.init(Cipher.java:1396)
at javax.crypto.Cipher.init(Cipher.java:1327)
at qq.weixin.mp.aes.WXBizMsgCrypt.decrypt(WXBizMsgCrypt.java:162)
at qq.weixin.mp.aes.WXBizMsgCrypt.decryptMsg(WXBizMsgCrypt.java:267)
at com.xxx.util.MessageUtil.buildMsg4Receive(MessageUtil.java:228)
at com.xxx.util.RocketMQMessageUtil.wechatInfo4Xml(RocketMQMessageUtil.java:181)
at com.xxx.util.RocketMQMessageUtil.put2RocketWorkQueue(RocketMQMessageUtil.java:45)
at com.xxx.wechat.controller.WechatMessageController.wechatMessagePost(WechatMessageController.java:154)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.springframework.web.method.support.InvocableHandlerMethod.doInvoke(InvocableHandlerMethod.java:189)
at org.springframework.web.method.support.InvocableHandlerMethod.invokeForRequest(InvocableHandlerMethod.java:138)
at org.springframework.web.servlet.mvc.method.annotation.ServletInvocableHandlerMethod.invokeAndHandle(ServletInvocableHandlerMethod.java:102)
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.invokeHandlerMethod(RequestMappingHandlerAdapter.java:895)
at org.springframework.web.servlet.mvc.method.annotation.RequestMappingHandlerAdapter.handleInternal(RequestMappingHandlerAdapter.java:800)
at org.springframework.web.servlet.mvc.method.AbstractHandlerMethodAdapter.handle(AbstractHandlerMethodAdapter.java:87)
at org.springframework.web.servlet.DispatcherServlet.doDispatch(DispatcherServlet.java:1038)
at org.springframework.web.servlet.DispatcherServlet.doService(DispatcherServlet.java:942)
at org.springframework.web.servlet.FrameworkServlet.processRequest(FrameworkServlet.java:1005)
at org.springframework.web.servlet.FrameworkServlet.doPost(FrameworkServlet.java:908)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:681)
at org.springframework.web.servlet.FrameworkServlet.service(FrameworkServlet.java:882)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:764)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:231)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at com.alibaba.druid.support.http.WebStatFilter.doFilter(WebStatFilter.java:123)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.springframework.boot.web.servlet.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:130)
at org.springframework.boot.web.servlet.support.ErrorPageFilter.access$000(ErrorPageFilter.java:66)
at org.springframework.boot.web.servlet.support.ErrorPageFilter$1.doFilterInternal(ErrorPageFilter.java:105)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.springframework.boot.web.servlet.support.ErrorPageFilter.doFilter(ErrorPageFilter.java:123)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.springframework.web.filter.CharacterEncodingFilter.doFilterInternal(CharacterEncodingFilter.java:200)
at org.springframework.web.filter.OncePerRequestFilter.doFilter(OncePerRequestFilter.java:107)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:193)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:166)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:197)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:543)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:135)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:698)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:367)
at org.apache.coyote.http11.Http11Processor.service(Http11Processor.java:639)
at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:882)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1647)
at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191)
at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
at java.lang.Thread.run(Thread.java:748)

Why is there such an error?

For Java or Android development, we first install the JDK (Java Development Kit) on the computer and configure environment variables. The JDK is the software development kit for the Java language. It contains the JRE (Java Runtime Environment), and the JRE includes the Java Virtual Machine, the Java core class library and supporting files. The subject of this note lives in the Java core class library: JCE (Java Cryptography Extension). JCE is a set of packages that provide the framework and implementations for encryption, key generation and negotiation, and Message Authentication Code (MAC) algorithms, so it is the important class library for implementing encryption and decryption.

Under the installed JRE directory there is a folder %JAVA_HOME%\jre\lib\security (%JAVA_HOME% is the Java path on your computer; the default location is C:\Program Files\Java, depending on the path you chose when you installed the JDK and JRE). It contains two .jar files, "local_policy.jar" and "US_export_policy.jar", which are what we usually call jar packages, that is, class libraries shipped with Java (written by Sun's expert engineers for programmers who develop in Java). These two jar packages are core class libraries of JCE. The "local_policy.jar" and "US_export_policy.jar" that come with the JRE only support encryption algorithms with 128-bit keys. An algorithm with a 256-bit key is beyond that scope and is not supported, so the runtime reports the exception "java.security.InvalidKeyException: Illegal key size or default parameters".

The explanation above is copied from: https://blog.csdn.net/dling8/article/details/84061948

Resolve

Go to the official website and download the JCE Unlimited Strength Jurisdiction Policy Files for your JDK version:

JDK5: http://www.oracle.com/technetwork/java/javasebusiness/downloads/java-archive-downloads-java-plat-419418.html#jce_policy-1.5.0-oth-JPR

JDK6: http://www.oracle.com/technetwork/java/javase/downloads/jce-6-download-429243.html

JDK7: http://www.oracle.com/technetwork/java/javase/downloads/jce-7-download-432124.html

JDK8: http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html

Here we take JDK1.8 as an example, enter the download page, and select to download (registration is required if you do not have an Oracle account)

After downloading and decompressing the file, you will see local_policy.jar, US_export_policy.jar and readme.txt.

If the JRE is installed, put the two jar files in the %JRE_HOME%\lib\security directory, overwriting the original files.

If the JDK is installed, put the two jar files in the %JDK_HOME%\jre\lib\security directory, overwriting the original files.


After the replacement is complete, restart Tomcat.
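
To see why the same code behaves differently on the two machines, and to confirm that the replacement took effect, the following added example (not part of the original post or of the WeChat SDK) prints which JRE is actually running and whether it accepts a 256-bit AES key. The class name JcePolicyCheck and the all-zero key are constructed for illustration, and the AES/CBC/NoPadding setup with a 32-byte key is assumed to mirror the Cipher.init call that fails in WXBizMsgCrypt.decrypt.

```java
import java.security.InvalidKeyException;
import java.security.Security;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

// Hypothetical diagnostic class: run it with the same java binary that starts Tomcat.
public class JcePolicyCheck {
    public static void main(String[] args) throws Exception {
        // java.home shows which installation's lib/security directory is in use,
        // i.e. where the two policy jars have to be replaced.
        System.out.println("java.version  = " + System.getProperty("java.version"));
        System.out.println("java.home     = " + System.getProperty("java.home"));
        // Security property read from java.security; null when the runtime does not define it.
        System.out.println("crypto.policy = " + Security.getProperty("crypto.policy"));

        // 128 under the default limited policy files, Integer.MAX_VALUE when unlimited.
        int maxBits = Cipher.getMaxAllowedKeyLength("AES");
        System.out.println("max AES key   = "
                + (maxBits == Integer.MAX_VALUE ? "unlimited" : maxBits + " bits"));

        // Constructed 256-bit key (all zeros) and a 16-byte IV taken from it;
        // sample values for the check only, never real key material.
        byte[] key = new byte[32];
        byte[] iv = Arrays.copyOfRange(key, 0, 16);

        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
            cipher.init(Cipher.DECRYPT_MODE,
                    new SecretKeySpec(key, "AES"), new IvParameterSpec(iv));
            System.out.println("AES-256 init  = OK");
        } catch (InvalidKeyException e) {
            // Same exception as in the stack trace above: the policy files
            // under java.home/lib/security still limit keys to 128 bits.
            System.out.println("AES-256 init  = FAILED (" + e.getMessage() + ")");
            System.exit(1);
        }
    }
}
```

Compile and run it on both the local machine and the server; a different java.home or a maximum of 128 bits on the server identifies the installation whose policy jars still need replacing.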