Skip to main content

Hey,

 

I'm using the java SDK with the maven dependency 2.8.1.

I generated a public/private key pair using the Box platform, and stored the json config file in my project.

Following the tutorial I try to authenticate with this code:

 

// Open a reader to read and dispose of the automatically created Box configuration file.

try(Reader reader = new FileReader("../config/testBoxConfig.json")) {

    // Initialize the SDK with the Box configuration file and create a client that uses the Service Account.

    BoxConfig boxConfig = BoxConfig.readFrom(reader);

    BoxDeveloperEditionAPIConnection serviceAccountClient = BoxDeveloperEditionAPIConnection.getAppEnterpriseConnection(boxConfig);
} catch (....

I debugged the code to make sure that the boxConfig object really contains all the keys form the json.

 

When the application tries to call the method

getAppEnterpriseConnection(boxConfig)

I get following exception:

Exception in thread "main" com.box.sdk.BoxAPIException: Error parsing PKCS private key for Box Developer Edition.

	at com.box.sdk.BoxDeveloperEditionAPIConnection.decryptPrivateKey(BoxDeveloperEditionAPIConnection.java:467)

	at com.box.sdk.BoxDeveloperEditionAPIConnection.constructJWTAssertion(BoxDeveloperEditionAPIConnection.java:405)

	at com.box.sdk.BoxDeveloperEditionAPIConnection.authenticate(BoxDeveloperEditionAPIConnection.java:315)

	at com.box.sdk.BoxDeveloperEditionAPIConnection.getAppEnterpriseConnection(BoxDeveloperEditionAPIConnection.java:174)

	at com.box.sdk.BoxDeveloperEditionAPIConnection.getAppEnterpriseConnection(BoxDeveloperEditionAPIConnection.java:206)

...

Caused by: org.bouncycastle.pkcs.PKCSException: unable to read encrypted data: 1.2.***number removed for privacy***.1.5.13 not available: Illegal key size

	at org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo.decryptPrivateKeyInfo(Unknown Source)

	at com.box.sdk.BoxDeveloperEditionAPIConnection.decryptPrivateKey(BoxDeveloperEditionAPIConnection.java:456)

	... 10 more

Caused by: org.bouncycastle.operator.OperatorCreationException: 1.2.***number removed for privacy***.1.5.13 not available: Illegal key size

	at org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8DecryptorProviderBuilder$1.get(Unknown Source)

	... 12 more

Caused by: java.security.InvalidKeyException: Illegal key size

	at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1039)

	at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1060)

	at javax.crypto.Cipher.init(Cipher.java:1536)

	at javax.crypto.Cipher.init(Cipher.java:1470)

	... 13 more

Is this a bug? When check the keys on the boxConfig all of them (except the private key of course) show the same values as in the Box platform on the browser. Is the version of the maven dependency wrong? Maybe the code of the tutorial does not work with that version?


In the web I found a hack to get around this problem.

 

        // hack for JCE Unlimited Strength

        Field field = Class.forName("javax.crypto.JceSecurity").getDeclaredField("isRestricted");

        field.setAccessible(true);



        Field modifiersField = Field.class.getDeclaredField("modifiers");

        modifiersField.setAccessible(true);

        modifiersField.setInt(field, field.getModifiers() & ~Modifier.FINAL);



        field.set(null, false);

Thanks  for following up and posting the solution for others to see! Greatly appreciated!


Reply


Terms & ConditionsCookie settings