search

todvora / eet-client

Client and library for #EET communication - http://www.etrzby.cz/ , written in Java
MIT License
48 stars 26 forks source link

java.security.InvalidKeyException: Illegal key size #10

Closed guerrillalg closed 7 years ago

guerrillalg commented 7 years ago

Hi, I was struggling with EET integration because of the following exception for quite a while:

Caused by: java.io.IOException: exception unwrapping private key - java.security.InvalidKeyException: Illegal key size
        at org.bouncycastle.jcajce.provider.keystore.pkcs12.PKCS12KeyStoreSpi.unwrapKey(Unknown Source)
        at org.bouncycastle.jcajce.provider.keystore.pkcs12.PKCS12KeyStoreSpi.engineLoad(Unknown Source)
        at java.security.KeyStore.load(KeyStore.java:1445)
        at cz.tomasdvorak.eet.client.security.ClientKey.getKeyStore(ClientKey.java:83)

The problem was that the code from example was working fine with test keys & certificates, but it was not working with production keys & certificates. It took me a while to find out that the problem is that you need to install a Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy in to your environment (Download the JCE, read their ReadMe, replace files in your current Java installation and restart the app.)

This is far not obvious and I didn't see a single note about this in the documentation. I suggest to put it on this repo and maybe to the main ReadMe file for future troubleshooting.

todvora commented 7 years ago

Hi, thank you for your comment. You are right, that's something what should be definitely mentioned in README. Would you like to send a pull request or should I do it?

Thanks! Tomas

todvora commented 7 years ago

Added to readme, see https://github.com/todvora/eet-client#java-cryptography-extension-jce-unlimited-strength. Thank you the information.

Regards, Tomas