spring org.jasypt.exceptions.EncryptionOperationNotPossibleException
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/15544266/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
org.jasypt.exceptions.EncryptionOperationNotPossibleException
提问by Arun Kumar
I am using Jasypt-1.9.0with Spring 3.1and Hibernate 4.0.1. I have a requirement in my application to connect to database whose password(root) is stored in the encrypted form in the property file within the application.
我将Jasypt-1.9.0与Spring 3.1和Hibernate 4.0.1 一起使用。我的应用程序需要连接到数据库,该数据库的密码(root)以加密形式存储在应用程序内的属性文件中。
I looked online and found the way with following links:
我在网上查看并通过以下链接找到了方法:
I have done the following steps and configuration for my requirement:
我已经根据我的要求完成了以下步骤和配置:
- Added jasypt-1.9.0and jasypt-hibernate4-1.9.0 in build path.
- Added following in my dispatcher-servletfile:
- 在构建路径中添加了jasypt-1.9.0和jasypt-hibernate4-1.9.0。
- 在我的dispatcher-servlet文件中添加了以下内容:
< bean id="propertyConfigurer"
class="org.jasypt.spring31.properties.EncryptablePropertyPlaceholderConfigurer">
< constructor-arg ref="configurationEncryptor" />
< property name="locations">
< list>
< value>classpath:database.properties< /value>
< /list>
< /property>
< /bean>
< bean id="configurationEncryptor"
class="org.jasypt.encryption.pbe.StandardPBEStringEncryptor">
< property name="config" ref="environmentVariablesConfiguration" />
< /bean>
< bean id="environmentVariablesConfiguration"
class="org.jasypt.encryption.pbe.config.EnvironmentStringPBEConfig">
< property name="algorithm" value="PBEWithMD5AndDES" />
< property name="passwordEnvName" value="APP_ENCRYPTION_PASSWORD" />
</bean>
- Using CLI tool of Jasypt 1.9.0,I have generated the password below(attached snapshot of CLI)
- 使用Jasypt 1.9.0的CLI工具,我生成了下面的密码(附CLI快照)
- Added a new Environment Varibale as APP_ENCRYPTION_PASSWORDwith value as root
- 添加了一个新的环境变量作为APP_ENCRYPTION_PASSWORD,值为root
- Added the encrypted password in database.properties file
- 在database.properties 文件中添加了加密密码
db.driverClassName=com.mysql.jdbc.Driver
db.url=jdbc:mysql://localhost:3306/db1
db.username=root
db.password=ENC(bmfeQmgP/hJrh+mj6NANKA==)
Now, if I run my application, the following exception appears:
现在,如果我运行我的应用程序,会出现以下异常:
org.jasypt.exceptions.EncryptionOperationNotPossibleException
at org.jasypt.encryption.pbe.StandardPBEByteEncryptor.decrypt(StandardPBEByteEncryptor.java:981)
at org.jasypt.encryption.pbe.StandardPBEStringEncryptor.decrypt(StandardPBEStringEncryptor.java:725)
at org.jasypt.properties.PropertyValueEncryptionUtils.decrypt(PropertyValueEncryptionUtils.java:72)
回答by Nadir
The question is most probably out of date, but for future seekers... EncryptionOperationNotPossibleException is a general exception thrown by jasypt to mask other possible exceptions. This exception can occur when:
这个问题很可能已经过时了,但对于未来的寻求者...... EncryptionOperationNotPossibleException 是 jasypt 抛出的一般异常,以掩盖其他可能的异常。在以下情况下可能会发生此异常:
- your jdk does not have the JCE unlimited strenght installed (most common case)
- you had some data in the database that was encrypted before with other password
- you had some data in database that were not encrypted before and you added encryption to some field
- jasypt failed to decrypt the encrypted value from db because of some strange corruption of data
- many many others, you just need to debug to find out the real cause..
- 您的 jdk 没有安装 JCE 无限强度(最常见的情况)
- 你在数据库中有一些数据之前用其他密码加密过
- 您在数据库中有一些以前未加密的数据,并且您向某些字段添加了加密
- 由于一些奇怪的数据损坏,jasypt 无法从 db 解密加密值
- 许多其他的,你只需要调试找出真正的原因..
回答by Fado
If you don't specifiy all the params during encryption, Jasypt will use default values. Make sure to use those exact default values during decryption. Otherwise you may have troubles...
如果您在加密过程中没有指定所有参数,Jasypt 将使用默认值。确保在解密期间使用这些确切的默认值。否则你可能会遇到麻烦...
This work for me:
这对我有用:
mvn jasypt:encrypt -Djasypt.encryptor.password='secret' -Djasypt.encryptor.algorithm=PBEWITHHMACSHA512ANDAES_256 -Djasypt.encryptor.iv-generator-classname=org.jasypt.iv.RandomIvGenerator -Djasypt.encryptor.salt-generator-classname=org.jasypt.salt.RandomSaltGenerator -Djasypt.encryptor.key-obtention-iterations=1000 -Djasypt.plugin.path='file:application.yml'
mvn jasypt:encrypt -Djasypt.encryptor.password='secret' -Djasypt.encryptor.algorithm=PBEWITHHMACSHA512ANDAES_256 -Djasypt.encryptor.iv-generator-classname=org.jasypt.iv.RandomIvGenerator -Djasypt.encryptor-classname-generator =org.jasypt.salt.RandomSaltGenerator -Djasypt.encryptor.key-obtention-iterations=1000 -Djasypt.plugin.path='file:application.yml'
mvn jasypt:decrypt -Djasypt.encryptor.password='secret' -Djasypt.encryptor.algorithm=PBEWITHHMACSHA512ANDAES_256 -Djasypt.encryptor.iv-generator-classname=org.jasypt.iv.RandomIvGenerator -Djasypt.encryptor.salt-generator-classname=org.jasypt.salt.RandomSaltGenerator -Djasypt.encryptor.key-obtention-iterations=1000 -Djasypt.plugin.path='file:application.yml'
mvn jasypt:decrypt -Djasypt.encryptor.password='secret' -Djasypt.encryptor.algorithm=PBEWITHHMACSHA512ANDAES_256 -Djasypt.encryptor.iv-generator-classname=org.jasypt.iv.RandomIvGenerator -Djasypt.encryptor.salt-name =org.jasypt.salt.RandomSaltGenerator -Djasypt.encryptor.key-obtention-iterations=1000 -Djasypt.plugin.path='file:application.yml'
回答by ChannaB
I also experienced similar issue when encrypting property file values. I encrypted values in my local Windows machine and tried to deploy in Linux box but JRE versions were different, therefore encrypted values could not be decrypted. But I encrypted the values in Linux machine and decryption was successful.
我在加密属性文件值时也遇到了类似的问题。我在本地 Windows 机器上加密了值,并尝试在 Linux 机器上部署,但JRE 版本不同,因此无法解密加密值。但是我在 Linux 机器上加密了值并且解密成功。
回答by NXT Dev
I had a similar issue, but I realize when using the CLI tool and trying to decrypt the password you don't have to include the algorithm property and the password property needs to match the one used in the CLI Tool.
我遇到了类似的问题,但我意识到在使用 CLI 工具并尝试解密密码时,您不必包含 algorithm 属性,并且密码属性需要与 CLI 工具中使用的属性相匹配。
In their http://www.jasypt.org/encrypting-configuration.html
在他们的http://www.jasypt.org/encrypting-configuration.html
their example looks like this, but this doesn't work.
他们的例子看起来像这样,但这不起作用。
encryptor.setPassword("jasypt"); // could be got from web, env variable...
encryptor.setAlgorithm("PBEWithHMACSHA512AndAES_256");
encryptor.setIvGenerator(new RandomIvGenerator());
encryptor.setPassword("jasypt"); // could be got from web, env variable...
encryptor.setAlgorithm("PBEWithHMACSHA512AndAES_256");
encryptor.setIvGenerator(new RandomIvGenerator());
Solution:
解决方案:
encryptor.setPassword("MYPAS_WORD"); // Like in the CLI Tool
encryptor.setAlgorithm("PBEWithHMACSHA512AndAES_256"); //Remove this
encryptor.setIvGenerator(new RandomIvGenerator()); //Remove this as well
encryptor.setPassword("MYPAS_WORD"); // Like in the CLI Tool
encryptor.setAlgorithm("PBEWithHMACSHA512AndAES_256"); //Remove this
encryptor.setIvGenerator(new RandomIvGenerator()); //Remove this as well
It'll work fine.
它会工作得很好。
In your case you can remove the algorithm property and passwordEvnName needs to match the one used in CLI Tool.
在您的情况下,您可以删除 algorithm 属性,并且 passwordEvnName 需要与 CLI 工具中使用的匹配。
