CODEWITHSUNDEEP
javawso2wso2-identity-server
Sudheer Reddy
Sudheer Reddy

Reputation: 1

How to resolve java.security.InvalidKeyException while configuring MFA in WSO2 identity server 5.5.0

I'm using wso2is-5.5.0. I'm trying to enable Multi factor authentication for Identity Server. I have done by following this link https://docs.wso2.com/display/IS530/Configuring+Multi-factor+Authentication+for+WSO2+IS. After restarting while login to management console, it is redirecting to one page showing 

 SAML 2.0 based Single Sign-On
 Error when processing authentication request!
 Please try login again!

In console,

Caused by: org.apache.xml.security.encryption.XMLEncryptionException: Illegal key size or default pa
rameters
Original Exception was java.security.InvalidKeyException: Illegal key size or default parameters
        at org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1140)
        at org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1083)
        at org.opensaml.xml.encryption.Encrypter.encryptElement(Encrypter.java:452)
        ... 66 more
Caused by: java.security.InvalidKeyException: Illegal key size or default parameters
        at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1026)
        at javax.crypto.Cipher.implInit(Cipher.java:801)
        at javax.crypto.Cipher.chooseProvider(Cipher.java:864)
        at javax.crypto.Cipher.init(Cipher.java:1249)
        at javax.crypto.Cipher.init(Cipher.java:1186)
        at org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1137)
        ... 68 more

I have downloaded JCE jars for Java 8 and placed in C:\Program Files\Java\jre1.8.0_171\lib\security Still problem persists.

Upvotes: 0

Views: 459

Answers (1)

Dinali Dabarera
Dinali Dabarera

Reputation: 120

This exception is thrown, not due to an issue of the Identity Server. Reason for this issue could be, JCE file is not installed to your JRE properly. But as you have added/replaced local_policy.jar and US_export_policy.jar files, please run the following test code to check whether it is applied properly.

    public class JCETest {

    public static void main(String args[]) {
        int maxKeyLen = 0;
        try {
            maxKeyLen = Cipher.getMaxAllowedKeyLength("AES");
        } catch (NoSuchAlgorithmException e) {
            Assert.fail();
        }

        Assert.assertEquals(2147483647, maxKeyLen);
        System.out.println(maxKeyLen);
    }
}

You should get the following as output, If JCE is successfully installed:

AES key size should be equal to the 2147483647 if JCE files has been installed successfully.

More information is in http://stackoverflow.com/questions/6481627/java-security-illegal-key-size-or-default-parameters

Upvotes: 0

Related Questions