This topic provides solutions for the common issues in the current Java SDK version. The solutions are for reference only.
Issue 1: Failed to load user.key due to illegal key length.
Error prompt:
09:49:40.623 [main] ERROR com.github.lyd.msg.provider.DemoSample - unable to read private key,wrong password? errorCode :{MychainSdkErrorCodeEnum{errorCode='30001', errorDesc='sdk invalid private key'}}
09:49:40.626 [main] ERROR com.github.lyd.msg.provider.DemoSample - unable to read encrypted data: 1.2.840.113549.1.12.1.3 not available: Illegal key size or default parameters
Exception in thread "main" com.alipay.mychain.sdk.exceptions.MychainSdkException: unable to read encrypted data: 1.2.840.113549.1.12.1.3 not available: Illegal key size or default parameters
Solution:
This error occurs because the default configurations of some JDK versions include key limits. In this case, the SDK fails to decrypt the key file when the file is loaded.
To rectify this problem, add the following code to the beginning of the main
function in DemoSample.java
.
String errorString = "Failed to modify key-length permissions";
int newMaxKeyLength;
try {
if ((newMaxKeyLength = Cipher.getMaxAllowedKeyLength("AES")) < 256) {
System.out.println("will modify aes length");
Class c = Class.forName("javax.crypto.CryptoAllPermissionCollection");
Constructor con = c.getDeclaredConstructor();
con.setAccessible(true);
Object allPermissionCollection = con.newInstance();
Field f = c.getDeclaredField("all_allowed");
f.setAccessible(true);
f.setBoolean(allPermissionCollection, true);
c = Class.forName("javax.crypto.CryptoPermissions");
con = c.getDeclaredConstructor();
con.setAccessible(true);
Object allPermissions = con.newInstance();
f = c.getDeclaredField("perms");
f.setAccessible(true);
((Map) f.get(allPermissions)).put("*", allPermissionCollection);
c = Class.forName("javax.crypto.JceSecurityManager");
f = c.getDeclaredField("defaultPolicy");
f.setAccessible(true);
Field mf = Field.class.getDeclaredField("modifiers");
mf.setAccessible(true);
mf.setInt(f, f.getModifiers() & ~Modifier.FINAL);
f.set(null, allPermissions);
newMaxKeyLength = Cipher.getMaxAllowedKeyLength("AES");
}
} catch (Exception e) {
throw new RuntimeException(errorString, e);
}
if (newMaxKeyLength < 256) {
throw new RuntimeException(errorString);
}
Issue 2: Failed to decrypt user.key.
Error prompt:
Solution:
This error occurs because the password of the account in user.key
is incorrect. We recommend that you check whether the password specified for the userPassword
variable in DemoSample.java
is correct. If you forget the password, create another account on the BaaS platform. Then, configure a password for the account, download the latest user.key
file, and retry the operation.
Issue 3: Failed to import the SDK by using the Maven file.
Error prompt:
If the system displays a message that indicates that no SDK or Netty package is found, as shown in the following figure, enter the absolute path of the package that you want to import.
Solution:
Add the following information in the pom.xml
file.
<dependencies>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>4.12</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>io.netty</groupId>
<artifactId>netty-tcnative-openssl-static</artifactId>
<version>2.0.17</version>
<scope>system</scope>
<systemPath>
{libdir}/netty-tcnative-openssl-static-2.0.17-Final-mychain-{platform}-x86_64.jar
</systemPath>
</dependency>
<dependency>
<groupId>com.alipay.mychainx</groupId>
<artifactId>mychainx-sdk</artifactId>
<version>0.10.2.6</version>
<scope>system</scope>
<systemPath>{libdir}/mychainx-sdk-0.10.2.6.jar
</systemPath>
</dependency>
<dependency>
<groupId>org.slf4j</groupId>
<artifactId>slf4j-api</artifactId>
<version>1.7.25</version>
</dependency>
<dependency>
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
<version>20.0</version>
</dependency>
<dependency>
<groupId>org.bouncycastle</groupId>
<artifactId>bcpkix-jdk15on</artifactId>
<version>1.60</version>
</dependency>
<dependency>
<groupId>io.netty</groupId>
<artifactId>netty-all</artifactId>
<version>4.1.29.Final</version>
</dependency>
<dependency>
<groupId>commons-io</groupId>
<artifactId>commons-io</artifactId>
<version>2.4</version>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>
<artifactId>commons-lang3</artifactId>
<version>3.0</version>
</dependency>
</dependencies>
Note: Change {libdir} to the actual directory of your SDK and {platform} to the platform type, such as windows, linux, or osx.