Thursday, December 26, 2013

Encryption

In Computer Science, Encryption refers to the process of encoding (converting into a coded/unreadable form) some information as it cannot be decoded (convert back into a readable form) by the unwanted parties.

Sender encrypt the information using an encryption algorithm with a encryption key. This produces the encrypted message which is unreadable, generally called cipher-text. When the legitimate receivers receive the message they use a decryption algorithm with a secret decryption key to decrypt the message and extract the original information.


  1. Sender prepare the message.
  2. Encrypt the message using encryption key
  3. Encrypted message is sent to the receiver (message is in unreadable form no one can extract the information directly.)
  4. Receiver receive the message and decrypt the message using decryption key
  5. Original message is produced by the receiver

Assumption: Though the encrypted information is hacked by an adversaries they don't have the secret description key to decrypt the message. So the information is safe.

There are two types of encryption mechanisms
  1. Symmetric Encryption - A single key is used for both encryption and decryption. The key is shared among the senders and receivers. The requirement to have access to the key by both parties is one of the drawbacks of this mechanism.
  2. Asymmetric Encryption (Public Key Encryption) - Two separate keys are used for encryption and decryption. One key is made public and published, this is used to encrypt the message. The other key is kept private (secret) and used to decrypt the message.

Thursday, December 12, 2013

org.apache.axis2.AxisFault: Error in encryption (Illegal key size or default parameters)

This issue comes when your application uses a bigger key size in encryption than the default key size provided by the Java runtime.

Solution:
  1. Download Unlimited Strength Java(TM) Cryptography Extension (JCE) Policy Files for the Java(TM) Platform (based on your JDK version)
  2. Please *.jar files in the following location
    • $JAVA_HOME/jre/lib/security/

[java] Using WS-Security
     [java] 13/12/12 20:12:25 INFO mail.MailTransportSender: MAILTO Sender started
     [java] 13/12/12 20:12:25 INFO jms.JMSSender: JMS Sender started
     [java] 13/12/12 20:12:25 INFO jms.JMSSender: JMS Transport Sender initialized...
     [java] org.apache.axis2.AxisFault: Error in encryption
     [java]     at org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:76)
     [java]     at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:340)
     [java]     at org.apache.axis2.engine.Phase.invoke(Phase.java:313)
     [java]     at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:261)
     [java]     at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:426)
     [java]     at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:430)
     [java]     at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:225)
     [java]     at org.apache.axis2.client.OperationClient.execute(OperationClient.java:149)
     [java]     at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:554)
     [java]     at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:530)
     [java]     at samples.userguide.StockQuoteClient.executeClient(Unknown Source)
     [java]     at samples.userguide.StockQuoteClient.main(Unknown Source)
     [java] Caused by: org.apache.rampart.RampartException: Error in encryption
     [java]     at org.apache.rampart.builder.AsymmetricBindingBuilder.doSignBeforeEncrypt(AsymmetricBindingBuilder.java:612)
     [java]     at org.apache.rampart.builder.AsymmetricBindingBuilder.build(AsymmetricBindingBuilder.java:97)
     [java]     at org.apache.rampart.MessageBuilder.build(MessageBuilder.java:147)
     [java]     at org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:65)
     [java]     ... 11 more
     [java] Caused by: org.apache.ws.security.WSSecurityException: Cannot encrypt data; nested exception is:
     [java]     org.apache.xml.security.encryption.XMLEncryptionException: Illegal key size or default parameters

     [java] Original Exception was java.security.InvalidKeyException: Illegal key size or default parameters
     [java]     at org.apache.ws.security.message.WSSecEncrypt.doEncryption(WSSecEncrypt.java:608)
     [java]     at org.apache.ws.security.message.WSSecEncrypt.doEncryption(WSSecEncrypt.java:461)
     [java]     at org.apache.ws.security.message.WSSecEncrypt.encryptForInternalRef(WSSecEncrypt.java:350)
     [java]     at org.apache.rampart.builder.AsymmetricBindingBuilder.doSignBeforeEncrypt(AsymmetricBindingBuilder.java:598)
     [java]     ... 14 more
     [java] Caused by: org.apache.xml.security.encryption.XMLEncryptionException: Illegal key size or default parameters
     [java] Original Exception was java.security.InvalidKeyException: Illegal key size or default parameters

     [java]     at org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1140)
     [java]     at org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1081)
     [java]     at org.apache.xml.security.encryption.XMLCipher.encryptElementContent(XMLCipher.java:855)
     [java]     at org.apache.xml.security.encryption.XMLCipher.doFinal(XMLCipher.java:985)
     [java]     at org.apache.ws.security.message.WSSecEncrypt.doEncryption(WSSecEncrypt.java:602)
     [java]     ... 17 more
     [java] Caused by: java.security.InvalidKeyException: Illegal key size or default parameters
     [java]     at javax.crypto.Cipher.a(DashoA13*..)
     [java]     at javax.crypto.Cipher.a(DashoA13*..)
     [java]     at javax.crypto.Cipher.a(DashoA13*..)
     [java]     at javax.crypto.Cipher.init(DashoA13*..)
     [java]     at javax.crypto.Cipher.init(DashoA13*..)
     [java]     at org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1137)
     [java]     ... 21 more