java.lang.IllegalArgumentException: Unable to initialize due to invalid secret key

Question

I'm getting an encryption exception.

I'm running

• OS X 10.11
• Java 1.8
• Groovy Version: 2.4.4
• Gradle 2.3-20141027185330+0000;
• JAVA_HOME=/Library/Java/JavaVirtualMachines/jdk1.8.0_05.jdk/Contents/Home

I installed the Oracle JCE Policy jars into my $JAVA_HOME/lib/security directory:

$ ls -l $JAVA_HOME/lib/security
total 16
-rw-r--r--@ 1 root  wheel  2487 Oct  9 17:21 US_export_policy.jar
-rw-r--r--@ 1 root  wheel  2500 Oct  9 17:21 local_policy.jar

Here's the exception:

com.distributedfinance.mbi.bai.lookup.AccountLookupSpec > constructor missing encryptor FAILED
19:05:00.431 [DEBUG] [TestEventLogger]     java.lang.IllegalArgumentException: Unable to initialize due to invalid secret key
19:05:00.431 [DEBUG] [TestEventLogger]         at org.springframework.security.crypto.encrypt.CipherUtils.initCipher(CipherUtils.java:110)
19:05:00.431 [DEBUG] [TestEventLogger]         at org.springframework.security.crypto.encrypt.AesBytesEncryptor.encrypt(AesBytesEncryptor.java:65)
19:05:00.431 [DEBUG] [TestEventLogger]         at org.springframework.security.crypto.encrypt.HexEncodingTextEncryptor.encrypt(HexEncodingTextEncryptor.java:36)
19:05:00.431 [DEBUG] [TestEventLogger]         at com.distributedfinance.mbi.bai.lookup.AccountLookupSpec.setup(AccountLookupSpec.groovy:26)
19:05:00.431 [DEBUG] [TestEventLogger]
19:05:00.431 [DEBUG] [TestEventLogger]         Caused by:
19:05:00.431 [DEBUG] [TestEventLogger]         java.security.InvalidKeyException: Illegal key size
19:05:00.431 [DEBUG] [TestEventLogger]             at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1034)
19:05:00.431 [DEBUG] [TestEventLogger]             at javax.crypto.Cipher.implInit(Cipher.java:800)
19:05:00.431 [DEBUG] [TestEventLogger]             at javax.crypto.Cipher.chooseProvider(Cipher.java:859)
19:05:00.432 [DEBUG] [TestEventLogger]             at javax.crypto.Cipher.init(Cipher.java:1370)
19:05:00.432 [DEBUG] [TestEventLogger]             at javax.crypto.Cipher.init(Cipher.java:1301)
19:05:00.432 [DEBUG] [TestEventLogger]             at org.springframework.security.crypto.encrypt.CipherUtils.initCipher(CipherUtils.java:105)
19:05:00.432 [DEBUG] [TestEventLogger]             ... 3 more

Code Snippet:

import com.distributedfinance.mbi.payment.repository.AccountRepository
import com.distributedfinance.mbi.domain.Account
import org.springframework.security.crypto.encrypt.Encryptors
import org.springframework.security.crypto.encrypt.TextEncryptor


class AccountLookupSpec extends Specification {
    public static final Logger LOGGER = LoggerFactory.getLogger(AccountLookupSpec.class)

    AccountLookup accountL ookup
    List<Account> accounts
    AccountRepository accountRepository
    TextEncryptor encryptor

    def setup() {
        accountRepository = Mock()
        encryptor = Encryptors.text("password", "991239bab013")

        accounts = new ArrayList<Account>()
        Account account = new Account()
        account.setAccountNumber(encryptor.encrypt("1234567890"))
    }
...

}

Answer 1

The most common reason for this issue is /lib/security does'nt have the Install Java Cryptography Extension (JCE) unlimited strength jurisdiction policy files

Download the Java 7 jar from here

Download the Java 8 jar from here

Follow the read me file and you should be up and running

Answer 2

Other reasons this can happen:

• you're not using the JDK instead of JRE in your project
• you did not put the policy jars in the right folder (basically JDK/jre/lib/security -- see the readme).