Licensing of Library
For licensing of Signer.Digital Library, It is required that client has registered with vendor by creating CSC (Crypto Signer Client) account and vendor has created license for the client's required location(s).
Next step is to register site and generate license key to be passed as parameter in setLicenseKey method. A small Licensing Utility is provided by vendor which generates server specific site key, takes CSC UserId and Password and and registers site key on Licensing Server to provide LicenseKey. The Licensing Utility saves the license key in the text file.
NOTE: Skip setLicenseKey call to use the library in DEMO mode.
If LicenseKey is set using setLicenseKey but could not be validated online, it throws exception so that signing does not continue in DEMO mode (with DEMO wartermark!)
The licensing system uses strong cryptography and some of the settings may need to be changed in your JDK or JRE or both to support strong cryptography.
Method 1:
If java version is equal 1.8_151 or lower
Modify File: Javahome\lib\security\java.security
uncomment line
crypto.policy=unlimited
Method 2:
Please refer to below blog post for more details:
Excerpts:
As per the Oracle documentation -
Due to import control restrictions by the governments of a few countries, the jurisdiction policy files shipped with the JDK 5.0 from Sun Microsystems specify that "strong" but limited cryptography may be used.
That mean JDK has a deliberate key size restriction by default. So you cannot perform an encryption with key more than 128 bits (16 bytes). If you do you will get an error something like -
Caused by: java.security.InvalidKeyException: Illegal key size or default parameters
If you get this Exception there is nothing wrong that you are doing. It's just the restriction on the encryption key that comes built into the JDK.
The reason for this is that some countries have restrictions on the permitted key strength used in encryption algorithms.
Again as per the documentation -
An "unlimited strength" version of these files indicating no restrictions on cryptographic strengths is available for those living in eligible countries (which is most countries). But only the "strong" version can be imported into those countries whose governments mandate restrictions. The JCE framework will enforce the restrictions specified in the installed jurisdiction policy files.
Before Java 8 Update 151 - Removing the maximum key size restriction
You can remove the maximum key restriction by replacing the existing JCE jars with unlimited strength policy jars.
For this Copy local_policy.jar and US_export_policy.jar extracted from above zip file to the $JAVA_HOME/jre/lib/security
Note: These jars will already be present there so you will have to overwrite them.
Then simply restart your java application and the Exception should be gone.
NOTE: If you are using Ubuntu and the webupd8 PPA, you can simply run -
apt-get install oracle-java8-unlimited-jce-policy