Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Unable to decrypt error using jasypt with spring boot

I am using spring boot:2.2.2.RELEASE when i tried to add jasypt functionality to hide my password i got the following error

Unable to decrypt: ENC(MyEncryptedPass). Decryption of Properties failed, make sure encryption/decryption passwords match

i used the command line to encrypt the password and decrypt it and it works fine so i am sure my encryption and decryption passwords are exact but i get this error when i try to launch my spring application. So any help (•–•)

like image 660
AHM200 Avatar asked Nov 29 '22 00:11

AHM200


2 Answers

As from version 3.0.0 of jasypt-spring-boot, the default encryption/decryption algorithm has changed to PBEWITHHMACSHA512ANDAES_256

The change can be found here: https://github.com/ulisesbocchio/jasypt-spring-boot#update-11242019-version-300-release-includes

To decrypt previously encrypted values, add these two values in your properties:

jasypt.encryptor.algorithm=PBEWithMD5AndDES
jasypt.encryptor.iv-generator-classname=org.jasypt.iv.NoIvGenerator
like image 99
Martin Mogusu Avatar answered May 16 '23 06:05

Martin Mogusu


I was also facing the same issue. Initially, I was encrypting using jasypt CLI and putting the same value in the property file. But by default property of com.github.ulisesbocchio jar is different from CLI. Try to use the below code for encryption.

private static StringEncryptor stringEncryptor() {
    PooledPBEStringEncryptor encryptor = new PooledPBEStringEncryptor();
    SimpleStringPBEConfig config = new SimpleStringPBEConfig();
    config.setPassword(password);
    config.setAlgorithm("PBEWithMD5AndDES");
    config.setKeyObtentionIterations("1000");
    config.setPoolSize("1");
    config.setProviderName("SunJCE");
    config.setSaltGeneratorClassName("org.jasypt.salt.RandomSaltGenerator");
    config.setIvGeneratorClassName("org.jasypt.iv.RandomIvGenerator");
    config.setStringOutputType("base64");
    encryptor.setConfig(config);
    return encryptor;
}

private static String encrypt(String text) {
    StringEncryptor textEncryptor = stringEncryptor();
    String encryptedText = textEncryptor.encrypt(text);
    return encryptedText;
}

private static String decrypt(String text) {
    StringEncryptor textEncryptor = stringEncryptor();
    String decryptedText = textEncryptor.decrypt(text);
    return decryptedText;
}

public static void main(String[] args) {
    System.out.println(encrypt("StackOverFlow"));
}
like image 36
Nikhil Mishra Avatar answered May 16 '23 06:05

Nikhil Mishra