search

ulisesbocchio / jasypt-spring-boot

Jasypt integration for Spring boot
MIT License
2.87k stars 514 forks source link

jasypt: ecryption of Properties failed, make sure encryption/decryption passwords match apres upgrading from version 2.3 to 3.0.5 #393

Closed boufenzi closed 4 months ago

boufenzi commented 4 months ago

hello guys i have a problem with jasypt-spring-boot, after upgrading this maven dependency my decryption does not work anymore, i'm getting Caused by: com.ulisesbocchio.jasyptspringboot.exception.DecryptionException: Unable to decrypt property: ENC(/mlNAXHOWyj+ePy7k0JC6WiYxxssJz+57fz97o........) resolved to: ENC(/mlNAXHOWyj+ePy7k0JC6WiYxxssJz+57fz97o....). Decryption of Properties failed, make sure encryption/decryption passwords match i'm using database.encryption.algorithm=PBEWITHHMACSHA512ANDAES_128 and here is my config: 

   private static PooledPBEStringEncryptor getInstance(String secretKey, String algorithm) {
        encryptor = new PooledPBEStringEncryptor();
        SimpleStringPBEConfig config = new SimpleStringPBEConfig();
        config.setPasswordCharArray(secretKey.toCharArray());
        config.setAlgorithm(algorithm);
        config.setKeyObtentionIterations("1");
        config.setSaltGenerator(new StringFixedSaltGenerator(salt));
        config.setIvGenerator(new StringFixedIvGenerator(iv));
        config.setPoolSize(1);
        config.setProviderName("SunJCE");
        config.setStringOutputType("base64");
        encryptor.setConfig(config);
        return encryptor;
    }

My dependency looks like this: 

           <dependency>
                <groupId>com.github.ulisesbocchio</groupId>
                <artifactId>jasypt-spring-boot</artifactId>
                <version>3.0.5</version>
                <exclusions>
                    <exclusion>
                        <groupId>com.melloware</groupId>
                        <artifactId>jasypt</artifactId>
                    </exclusion>
                </exclusions>
            </dependency>

i tried to add: config.setIvGeneratorClassName("org.jasypt.iv.RandomIvGenerator"); but it didn't work PI @ulisesbocchio can you help please because i saw that you know where this probleme come from.

boufenzi commented 4 months ago

the solution is to override the configuration that were by default in previous version.