topic Re: java.security.InvalidKeyException: Illegal key size in Talend Studio

java.security.InvalidKeyException: Illegal key size

Edboehm — Wed, 08 Apr 2020 13:16:48 GMT

Hi,

On Linux when trying to run a compiled job, this error message is raised:

java.security.InvalidKeyException: Illegal key size
at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1039)
at javax.crypto.Cipher.implInit(Cipher.java:805)
at javax.crypto.Cipher.chooseProvider(Cipher.java:864)
at javax.crypto.Cipher.init(Cipher.java:1396)
at javax.crypto.Cipher.init(Cipher.java:1327)
at org.talend.daikon.crypto.CipherSources$2.get(CipherSources.java:94)
at org.talend.daikon.crypto.CipherSources$SymmetricKeyCipherSource.encrypt(CipherSources.java:141)
at org.talend.daikon.crypto.Encryption.encrypt(Encryption.java:52)
at routines.system.PasswordEncryptUtil.encryptPassword(PasswordEncryptUtil.java:53)
at routines.system.ResumeUtil.convertToJsonText(ResumeUtil.java:350)

Didn't get this error when using version 7.0.1 but do get it with version 7.3.1. Suspect it is related to the context.password variable/value which is automatically encrypted by Talend, since there is not any component explicitly doing anything with encryption at all in the job design.

I found this JCE what might solve it (unable to verify yet). However my preference is not to install that, if it can be avoided.

My question is:
Is the exception indeed related to the context.password and if so is the key size (cryptographic strength) of the password configurable in Talend to avoid this issue?

Re: java.security.InvalidKeyException: Illegal key size

Edboehm — Tue, 14 Apr 2020 08:40:57 GMT

I can confirm now that install of this JCE fixes the issue.

Still I wonder if I could have applied a change in the Talend settings to reduce the used key size.

Re: java.security.InvalidKeyException: Illegal key size

Anonymous — Thu, 07 May 2020 21:44:33 GMT

Hi Edboehm,

I am new to Talend, I am experiencing the same issue with export job on Talend Studio version 7.3.1. I am wondering if you can share how you install "Java Cryptography Extension (JCE)" to solve this issue.

java.security.InvalidKeyException: Illegal key size
at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1039)
at javax.crypto.Cipher.implInit(Cipher.java:805)
at javax.crypto.Cipher.chooseProvider(Cipher.java:864)

Re: java.security.InvalidKeyException: Illegal key size

Anonymous — Thu, 07 May 2020 22:09:08 GMT

Hi Edboehm,

Did you just install JCE on the machine? Or upgrade the java version to beyond Java 8 Update 151

Re: java.security.InvalidKeyException: Illegal key size

jaho4112 — Mon, 11 May 2020 11:56:29 GMT

I had the same problem using BouncyCastle in Java when we switched to AES 256 bit encryption.
Fixed it by creating a java.security file in TOS_DI folder with the following lines:
# Allow AES 256 bit encryption to be used (required until Java 9)
crypto.policy=unlimited
Also added the following line to the end of the TOS_DI-win-x86_64.ini file:

-Djava.security.properties=java.security

Alternatively, you can append the above line to the %JAVA_HOME%\lib\security\java.security and leave the ini file untouched.