1 Reply Latest reply: Nov 14, 2012 4:43 PM by Pavana RSS

    java.security.InvalidKeyException: Illegal key size

    Pavana
      Hi all,

      I have JDeveloper 11.1.6.0 and when I run a J2EE application, I am receiving the following error message. NOTE: I have started receiving this error message only when Java got upgraded on my machine. It was working until then.

      Options that I have already tried with no luck:

      1) Copied US_export_policy.jar and local_policy.jar to the jre/lib/security of my Oracle folder as well as main java jdk1.6.0_26 folder in program files
      2) Did set "JAVA_OPTIONS to -Dweblogic.security.SSL.nojce=true in both startManagedWebLogic.sh and startManagedWebLogic.cmd files

      java.security.InvalidKeyException: Illegal key size
           at javax.crypto.Cipher.a(DashoA13*..)
           at javax.crypto.Cipher.init(DashoA13*..)
           at javax.crypto.Cipher.init(DashoA13*..)
           at com.certicom.tls.provider.Cipher.init(Unknown Source)
           at com.certicom.tls.ciphersuite.SecurityParameters.createWriteCipher(Unknown Source)
           at com.certicom.tls.record.handshake.HandshakeHandler.changeCipherSpec(Unknown Source)
           at com.certicom.tls.record.handshake.ClientStateReceivedCertificate.handle(Unknown Source)
           at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessage(Unknown Source)
           at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessages(Unknown Source)
           at com.certicom.tls.record.MessageInterpreter.interpretContent(Unknown Source)
           at com.certicom.tls.record.MessageInterpreter.decryptMessage(Unknown Source)
           at com.certicom.tls.record.ReadHandler.processRecord(Unknown Source)
           at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
           at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
           at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Source)
           at com.certicom.tls.record.WriteHandler.write(Unknown Source)
           at com.certicom.io.OutputSSLIOStreamWrapper.write(Unknown Source)
           at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
           at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
           at java.io.FilterOutputStream.flush(FilterOutputStream.java:123)
           at weblogic.net.http.HttpURLConnection.writeRequests(HttpURLConnection.java:162)
           at weblogic.net.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:256)
           at jsp_servlet.__expresscheckout.httpcall(__expresscheckout.java:184)
           at jsp_servlet.__expresscheckout.CallShortcutExpressCheckout(__expresscheckout.java:100)
           at jsp_servlet.__expresscheckout._jspService(__expresscheckout.java:464)
           at weblogic.servlet.jsp.JspBase.service(JspBase.java:34)
           at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
           at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
           at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
           at weblogic.servlet.internal.ServletStubImpl.onAddToMapException(ServletStubImpl.java:416)
           at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:326)
           at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
           at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
           at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:119)
           at java.security.AccessController.doPrivileged(Native Method)
           at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:315)
           at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:442)
           at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:103)
           at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:171)
           at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
           at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
           at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:139)
           at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
           at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
           at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
           at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3715)
           at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3681)
           at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
           at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
           at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2277)
           at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2183)
           at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1454)
           at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
           at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
      <Nov 14, 2012 10:17:54 AM CST> <Error> <HTTP> <BEA-101020> <[ServletContext@15932635[app:WPP_TestApp module:WPP_TestApp-ViewController-context-root path:/WPP_TestApp-ViewController-context-root spec-version:2.5]] Servlet failed with Exception
      java.lang.IllegalStateException: Cipher not initialized
           at javax.crypto.Cipher.c(DashoA13*..)
           at javax.crypto.Cipher.update(DashoA13*..)
           at com.certicom.tls.provider.Cipher.update(Unknown Source)
           at com.certicom.tls.record.MessageEncryptor.compressEncryptSend(Unknown Source)
           at com.certicom.tls.record.MessageEncryptor.compressEncryptSend(Unknown Source)
           Truncated. see log file for complete stacktrace
      >
      <Nov 14, 2012 10:17:54 AM CST> <Notice> <Diagnostics> <BEA-320068> <Watch 'UncheckedException' with severity 'Notice' on server 'DefaultServer' has triggered at Nov 14, 2012 10:17:54 AM CST. Notification details:
      WatchRuleType: Log
      WatchRule: (SEVERITY = 'Error') AND ((MSGID = 'WL-101020') OR (MSGID = 'WL-101017') OR (MSGID = 'WL-000802') OR (MSGID = 'BEA-101020') OR (MSGID = 'BEA-101017') OR (MSGID = 'BEA-000802'))
      WatchData: DATE = Nov 14, 2012 10:17:54 AM CST SERVER = DefaultServer MESSAGE = [ServletContext@15932635[app:WPP_TestApp module:WPP_TestApp-ViewController-context-root path:/WPP_TestApp-ViewController-context-root spec-version:2.5]] Servlet failed with Exception
      java.lang.IllegalStateException: Cipher not initialized
           at javax.crypto.Cipher.c(DashoA13*..)
           at javax.crypto.Cipher.update(DashoA13*..)
           at com.certicom.tls.provider.Cipher.update(Unknown Source)
           at com.certicom.tls.record.MessageEncryptor.compressEncryptSend(Unknown Source)
           at com.certicom.tls.record.MessageEncryptor.compressEncryptSend(Unknown Source)
           at com.certicom.tls.record.MessageFragmentor.write(Unknown Source)
           at com.certicom.tls.record.WriteHandler.write(Unknown Source)
           at com.certicom.tls.interfaceimpl.TLSConnectionImpl.fireAlertSent(Unknown Source)
           at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
           at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
           at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessage(Unknown Source)
           at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessages(Unknown Source)
           at com.certicom.tls.record.MessageInterpreter.interpretContent(Unknown Source)
           at com.certicom.tls.record.MessageInterpreter.decryptMessage(Unknown Source)
           at com.certicom.tls.record.ReadHandler.processRecord(Unknown Source)
           at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
           at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
           at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Source)
           at com.certicom.tls.record.WriteHandler.write(Unknown Source)
           at com.certicom.io.OutputSSLIOStreamWrapper.write(Unknown Source)
           at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
           at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
           at java.io.FilterOutputStream.flush(FilterOutputStream.java:123)
           at weblogic.net.http.HttpURLConnection.writeRequests(HttpURLConnection.java:162)
           at weblogic.net.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:256)
           at jsp_servlet.__expresscheckout.httpcall(__expresscheckout.java:184)
           at jsp_servlet.__expresscheckout.CallShortcutExpressCheckout(__expresscheckout.java:100)
           at jsp_servlet.__expresscheckout._jspService(__expresscheckout.java:464)
           at weblogic.servlet.jsp.JspBase.service(JspBase.java:34)
           at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
           at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
           at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
           at weblogic.servlet.internal.ServletStubImpl.onAddToMapException(ServletStubImpl.java:416)
           at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:326)
           at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
           at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
           at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:119)
           at java.security.AccessController.doPrivileged(Native Method)
           at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:315)
           at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:442)
           at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:103)
           at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:171)
           at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
           at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
           at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:139)
           at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
           at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
           at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
           at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3715)
           at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3681)
           at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
           at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
           at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2277)
           at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2183)
           at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1454)
           at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
           at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
      SUBSYSTEM = HTTP USERID = <WLS Kernel> SEVERITY = Error THREAD = [ACTIVE] ExecuteThread: '7' for queue: 'weblogic.kernel.Default (self-tuning)' MSGID = BEA-101020 MACHINE = 03 TXID = CONTEXTID = 17e9f6fd5617d463:-7d41a624:13affb609aa:-8000-0000000000000013 TIMESTAMP = 1352909874333
      WatchAlarmType: AutomaticReset
      WatchAlarmResetPeriod: 30000
      >

      Please help.

      Thanks in advance!
      PS

      Edited by: Pavana on Nov 14, 2012 9:07 AM

      Edited by: Pavana on Nov 14, 2012 3:16 PM
        • 1. Re: java.security.InvalidKeyException: Illegal key size
          Pavana
          Issue got fixed!!

          This http://stackoverflow.com/questions/6481627/java-security-illegal-key-size-or-default-parameters did the trick. Although i have installed those java cryptography extension files earlier, the ones that I have downloaded from the above link did work. I had to install the local_policy.jar and
          US_export_policy.jar policy files in all JRE folders that I have on my machine along with the oracle installation folder.

          Thanks,
          PS

          Edited by: Pavana on Nov 14, 2012 2:42 PM

          Edited by: Pavana on Nov 14, 2012 2:43 PM