Using openhab in Docker prevents authentication - Illegal key size - CRYPTO_POLICY ==> limited

[ulbi]

Hi, I just tried to use the great ViCare binding and the authentication failed.

Checking the log I see: 2022-10-22 07:49:10.104 [WARN ] [ernal.tokenstore.PersistedTokenStore] - Unable to store refresh token java.security.InvalidKeyException: Illegal key size at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1076) ~[?:?] at javax.crypto.Cipher.implInit(Cipher.java:842) ~[?:?] at javax.crypto.Cipher.chooseProvider(Cipher.java:901) ~[?:?] at javax.crypto.Cipher.init(Cipher.java:1433) ~[?:?] at javax.crypto.Cipher.init(Cipher.java:1364) ~[?:?] at com.qubular.openhab.binding.vicare.internal.CryptUtil.initCipher(CryptUtil.java:61) ~[?:?] at com.qubular.openhab.binding.vicare.internal.CryptUtil.encrypt(CryptUtil.java:41) ~[?:?] at com.qubular.openhab.binding.vicare.internal.tokenstore.PersistedTokenStore.storeRefreshToken(PersistedTokenStore.java:119) ~[?:?] at com.qubular.vicare.internal.servlet.VicareServlet.lambda$extractAuthCodeAndFetchAccessToken$1(VicareServlet.java:146) ~[bundleFile:?] ....

I took me a while to figure out what's going on.

Finally it came down to learning that the Java crypto.policy is set to "limited" in my environment.

I do run openhab in a docker container which sets the "CRYPTO_POLICY" env variable to "limited" by default (in order to not conflict with some local laws). Once changed to "unlimited" I was able to authenticate. See here : [https://hub.docker.com/r/openhab/openhab/#java-cryptographic-strength-policy]

This is a feature request to catch the exception above and add a hint to check the CRYPTO_POLICY setting.

Thanks, René