退款问题

💰退款遇到的问题

✋ 有个别客户遇到,原因是秘钥太长导致

java中使用AES对称加密后,请求报错: Caused by: java.lang.RuntimeException: java.security.InvalidKeyException: Illegal key size or default parameters at com.

原因是美国的出口限制,Sun通过权限文件(local_policy.jar、US_export_policy.jar)做了相应限制。密钥长度最大128,对于需要更大长度的场景则会抛出上面异常。

🤔 问题log1

Caused by: java.lang.RuntimeException: java.security.InvalidKeyException: Illegal key size or default parameters
        at com.btzh.util.AESUtil.encrypt(AESUtil.java:18)
        at com.btzh.service.impl.SiThirdSystemServiceImpl.mapSystemParams(SiThirdSystemServiceImpl.java:32)
        at com.btzh.resource.SiThirdSystemResource.mapSystemParams(SiThirdSystemResource.java:41)
        ... 43 common frames omitted
Caused by: java.security.InvalidKeyException: Illegal key size or default parameters
        at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1026)
        at javax.crypto.Cipher.implInit(Cipher.java:801)
        at javax.crypto.Cipher.chooseProvider(Cipher.java:864)
        at javax.crypto.Cipher.init(Cipher.java:1249)
        at javax.crypto.Cipher.init(Cipher.java:1186)
        at com.btzh.util.AESUtil.encrypt(AESUtil.java:15)

🤔 问题log2

"app": "Crmeb_admin",
                    "timestamp":"2022-03-12 02:54:47.822",
                    "level": "ERROR",
                    "thread": "http-nio-20000-exec-29",
                    "class": "c.z.s.service.impl.CallbackServiceImpl",
                    "message": "微信退款回调异常,e==》pad block corrupted" }

{
                    "app": "Crmeb_admin",
                    "timestamp":"2022-03-12 02:54:47.822",
                    "level": "ERROR",
                    "thread": "http-nio-20000-exec-29",
                    "class": "c.z.s.service.impl.CallbackServiceImpl",
                    "message": "微信退款回调失败==>{returnXml=<xml><return_code><![CDATA[SUCCESS]]></return_code><return_msg><![CDATA[OK]]></return_msg></xm

✅ 解决办法是下载Oracle官方网站上的无政策限制权限文件,下载链接:

jdk8:https://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html

✅ 也可以通过我准备的网盘下载-快不用注册Oracle

https://cloud.189.cn/t/ABBJ7fvAj6B3(访问码:h7wy)

🚗 下载后将%JAVA_HOME%\jre\lib\security中的local_policy.jarUS_export_policy.jar替换为下载包中的的local_policy.jarUS_export_policy.jar

在CentOs 7.6环境查看jdk安装目录

在/usr/java/jdk1.8.0_131/jre/lib/security下替换local_policy.jar和US_export_policy.jar

tips 官方的密钥应该再128之内