IOException while using PBEWITHHMACSHA512ANDAES_256

ulisesbocchio / jasypt-spring-boot

Jasypt integration for Spring boot

MIT License

2.91k stars 522 forks source link

IOException while using PBEWITHHMACSHA512ANDAES_256 #124

Closed maybeec closed 5 years ago

maybeec commented 5 years ago

Referring to #88 thanks for pointing out the configuration for algorithm=PBEWITHHMACSHA512ANDAES_256. But anyhow, I could not get it to run. I am generating my password by passing the parameters algorithm=PBEWITHHMACSHA512ANDAES_256 saltGeneratorClassName=org.jasypt.salt.RandomSaltGenerator. Furthmore, I took the configuration you have shown in #88.

Anyhow, at debugging, I can see, that an IOException is raised:

java.io.IOException: extra data given to DerValue constructor

any idea what might be the case here?

maybeec commented 5 years ago

Regenerating the encoded password, I now got

java.io.IOException: DerInputStream.getLength(): lengthTag=124, too big.

I am a little bit confused. Is the password passed to the SimplePBEByteEncryptor interpreted as a DER encoded certificate or is it used to decrypt a DER encoded certificate? If so, where should I configure a path for such a certificate?

maybeec commented 5 years ago

I also tried https://github.com/ulisesbocchio/jasypt-spring-boot-samples/tree/master/jasypt-spring-boot-demo-custom-encryptor/src/main/resources which seems to work fine with PBEWithMD5AndDES only.

ulisesbocchio commented 5 years ago

should be fixed next release. Checkout https://github.com/ulisesbocchio/jasypt-spring-boot-samples/blob/master/jasypt-spring-boot-demo-ivgenerator/src/main/java/demo/SimplePBEWITHHMACSHA512ANDAES_256DemoApplication.java