Encryption Exception while loading application properties ( Java jasypt encryption)

Question

When trying to install a module using Maven, it throws up the following error:

org.jasypt.exceptions.EncryptionOperationNotPossibleException:
Encryption raised an exception.
A possible cause is you are using strong encryption algorithms and you have not 
installed the Java Cryptography Extension (JCE) Unlimited Strength 
Jurisdiction Policy Files in this Java Virtual Machine

The application properties are encoded like this:

app.check.url=ENC(sCO3322RNYdt3wPfO04GoaN9PijwJzUcn9rb4ggHymA\=)

And my spring configuration looks like this:

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
   xmlns:context="http://www.springframework.org/schema/context"
   xmlns:p="http://www.springframework.org/schema/p"
   xsi:schemaLocation="http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.0.xsd
                       http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd">
<bean id="placeholderConfig" class="org.jasypt.spring.properties.EncryptablePropertyPlaceholderConfigurer">
    <constructor-arg ref="configurationEncryptor"/>
    <property name="ignoreResourceNotFound">
        <value>true</value>
    </property>
    <property name="ignoreUnresolvablePlaceholders">
        <value>false</value>
    </property>
    <property name="locations">
        <list>
            <!-- These always come from the file system in ./conf/appCtx -->
            <value>file:../application.properties</value>
        </list>
    </property>
    <property name="systemPropertiesModeName">
        <value>SYSTEM_PROPERTIES_MODE_OVERRIDE</value>
    </property>
</bean>
<bean id="configurationEncryptor" class="org.jasypt.encryption.pbe.StandardPBEStringEncryptor">
    <property name="config" ref="environmentVariablesConfiguration"/>
</bean>
<bean id="environmentVariablesConfiguration"
      class="org.jasypt.encryption.pbe.config.EnvironmentStringPBEConfig">
    <property name="algorithm" value="PBEWithMD5AndTripleDES"/>
    <property name="passwordEnvName" value="APP_ENCRYPTION_PASSWORD"/>
</bean>

And I have jdk 1.7 which does have the necessary JCE files for the encryption.

Any ideas on how to resolve this issue?

Answer 1

Your problem is not that you don't have the JCE. You do. But from your configuration, you are using a TripleDES algorithm and this requires installing the JCE "Unlimited Strength Jurisdiction Policy files", as the error says.

These files can be downloaded from Oracle's site (from the same page you download the JDK) and are distributed under a sligthly different license agreement, because you have to assure you are not from a "forbidden" country (Iran, N.Korea, etc)...

See this question at the Jasypt FAQ: http://www.jasypt.org/faq.html#no-unlimited-strength

Answer 2

you did not install jce,by default present in lib\security.But its not accessed or used.please download jce files and overwrite the existing files.see your error itself you have not installed the Java Cryptography Extension (JCE)

1. Follow this link and resolved your error. [or]
   2.org.jasypt.exceptions.EncryptionOperationNotPossibleException