This repository has been archived by the owner on Apr 16, 2022. It is now read-only.

Exporting encrypted forms to CSV fails on macOS #79

Closed
yanokwa opened this issue Mar 23, 2017 · 3 comments

@yanokwa
Member

yanokwa commented Mar 23, 2017

Related to #65, exporting an encrypted CSV on macOS Sierra 10.12.3 with Java 1.8.0_121 fails with

Error decrypting:submission.xml.enc Cause: java.security.InvalidKeyException: Illegal key size

Starting Export...
Processing instance: uuidfbf126e9-3ae8-4211-83d6-5e43a17252bf
Error decrypting submission uuidfbf126e9-3ae8-4211-83d6-5e43a17252bf Cause: org.opendatakit.briefcase.model.CryptoException: Error decrypting:submission.xml.enc Cause: java.security.InvalidKeyException: Illegal key size
FAILED!

This is despite having the JCE installed (brew cask install java jce-unlimited-strength-policy). This is likely because the application is running from the JRE instead of the JDK. Maybe.

@rclakmal
Contributor

rclakmal commented Mar 23, 2017

@yanokwa In OS X Sierra (version 10.12) and Java version "1.8.0_73", the encrypted export fails with the following stack.


java.security.InvalidKeyException: Illegal key size
	at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1039)
	at javax.crypto.Cipher.implInit(Cipher.java:805)
	at javax.crypto.Cipher.chooseProvider(Cipher.java:864)
	at javax.crypto.Cipher.init(Cipher.java:1396)
	at javax.crypto.Cipher.init(Cipher.java:1327)
	at org.opendatakit.briefcase.util.CipherFactory.getCipher(CipherFactory.java:79)
	at org.opendatakit.briefcase.util.EncryptionInformation.getCipher(EncryptionInformation.java:67)
	at org.opendatakit.briefcase.util.FileSystemUtils.decryptFile(FileSystemUtils.java:476)
	at org.opendatakit.briefcase.util.FileSystemUtils.decryptSubmissionFiles(FileSystemUtils.java:627)
	at org.opendatakit.briefcase.util.FileSystemUtils.decryptAndValidateSubmission(FileSystemUtils.java:825)
	at org.opendatakit.briefcase.util.ExportToCsv.processInstance(ExportToCsv.java:850)
	at org.opendatakit.briefcase.util.ExportToCsv.doAction(ExportToCsv.java:145)
	at org.opendatakit.briefcase.util.ExportAction$TransformFormRunnable.run(ExportAction.java:57)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
	at java.lang.Thread.run(Thread.java:745)

@rclakmal
Contributor

rclakmal commented Mar 23, 2017

@yanokwa However, downloading JCE libraries and placing them in ${java.home}/jre/lib/security/ worked !! :)

encrypted_form.csv.txt

@yanokwa
Member Author

yanokwa commented Apr 20, 2017

I had the chance to try this in a fresh macOS 10.12 (Sierra) VM and this is what I've learned.

These days, Java does not come with macOS. So when you go to install Java, you are usually pointed to Oracle Java.

Oracle Java is installed in two locations depending on if you choose to install the JRE or JDK.

  • JRE: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/
  • JDK: /Library/Java/JavaVirtualMachines/jdk1.x.x_xxx.jdk/Contents/Home/

The JRE allows you to double-click to open jars from the Finder and run Java in the browser, but the JRE does not come with the java binary. If you want to run any of the typical Java commands (e.g., for Briefcase's CLI mode), you must install the JDK.

You don't need to install both the JDK and JRE because if you install the JDK, it will also install the JRE at the JRE location listed above.

You might have multiple JDKs. Check their locations with /usr/libexec/java_home -V

Briefcase will run fine with the JRE or the JDK, but to unencrypt forms, users must install Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files.

JCE is a zip file with two files, local_policy.jar and US_export_policy.jar. These files must be placed in these locations:

  • JRE: /Library/Internet Plug-Ins/JavaAppletPlugin.plugin/Contents/Home/lib/security/
  • JDK: /Library/Java/JavaVirtualMachines/jdk1.8.0_131.jdk/Contents/Home/jre/lib/security/

The "limited" versions of these files already exist in those locations, so it's easiest to rename them to *.bak and then install the "unlimited" versions. You must then reboot because the JRE only seems to load new jars on reboot.

If you have the JDK, you must install the policy files in both locations. This is because the JRE is used when you double-click the jar, but the JDK is used when you run Briefcase from the command line.

So, with that background, the reason why brew cask install java jce-unlimited-strength-policy does not work is because jce-unlimited-strength-policy only installs the Unlimited Strength Jurisdiction Policy Files in the JDK location, and not the JRE location.

I've updated the docs at https://opendatakit.org/help/encrypted-forms and I have filed an issue upstream on brew to fix this at Homebrew/homebrew-cask#32720.

@yanokwa yanokwa closed this as completed Apr 20, 2017
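
A diagnostic for the situation described in this thread, added here as an example and not part of Briefcase or of any comment above: it prints which Java home is actually running, whether the two policy jars are present under its lib/security directory, and whether a 256-bit AES key is accepted by Cipher.init (the call that fails in the stack trace). The class name JcePolicyCheck, the AES/CBC/PKCS5Padding transformation and the all-zero key and IV are assumptions made for the example.

```java
import java.io.File;
import java.security.InvalidKeyException;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

// Added diagnostic (not Briefcase code): reports whether the Java runtime
// that executes this class permits 256-bit AES keys.
public class JcePolicyCheck {

    // True when the active jurisdiction policy allows AES keys of 256 bits or more.
    // Unlimited policy files make getMaxAllowedKeyLength return Integer.MAX_VALUE.
    static boolean allowsAes256() throws Exception {
        return Cipher.getMaxAllowedKeyLength("AES") >= 256;
    }

    // Mirrors the failing call in the stack trace: Cipher.init with a 256-bit key.
    static String tryInit() throws Exception {
        byte[] key = new byte[32]; // constructed all-zero test key, 256 bits
        byte[] iv = new byte[16];  // constructed all-zero IV
        Cipher c = Cipher.getInstance("AES/CBC/PKCS5Padding"); // assumed transformation
        try {
            c.init(Cipher.DECRYPT_MODE, new SecretKeySpec(key, "AES"), new IvParameterSpec(iv));
            return "OK";
        } catch (InvalidKeyException e) {
            return "FAILED: " + e.getMessage(); // "Illegal key size" under the limited policy
        }
    }

    public static void main(String[] args) throws Exception {
        // java.home shows which installation (JRE or JDK location) is in use.
        String home = System.getProperty("java.home");
        System.out.println("java.home    = " + home);
        System.out.println("java.version = " + System.getProperty("java.version"));
        File dir = new File(home, "lib/security");
        for (String name : new String[] {"local_policy.jar", "US_export_policy.jar"}) {
            File f = new File(dir, name);
            System.out.println(f + (f.isFile() ? " present" : " missing"));
        }
        System.out.println("max AES key length = " + Cipher.getMaxAllowedKeyLength("AES"));
        System.out.println("256-bit AES allowed: " + allowsAes256());
        System.out.println("Cipher.init with 256-bit key: " + tryInit());
    }
}
```

Run it once under each Java installation that launches Briefcase; a runtime still using the limited policy files reports a maximum AES key length of 128 and a failed init.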